def test_sessions_token(self):
token1 = UserToken.get_sessions_token(self.user1)
token2 = UserToken.get_sessions_token(self.user1)
self.assertEqual(token1, token2)
self.assertEqual(token1.user, self.user1)
self.assertEqual(token1.name, "Sessions token")
self.assertEqual(token1.notes, 'Token used by Stencila when launching sessions on your behalf')
def get_password_reset_url(email=None):
"""
Returns the password reset url.
"""
reset_link = ""
if email:
try:
prev_token = UserToken.objects.get(email=email,
token_type=3,
status=False)
if prev_token:
prev_token.status = True
prev_token.save()
except UserToken.DoesNotExist:
pass
passwd_reset_token = UserToken(email=email, token_type=3)
passwd_reset_token.save()
reset_link = "{0}/user/passwordreset/?questr_token={1}".format(
settings.QUESTR_URL, passwd_reset_token.get_token())
return reset_link
def get_signup_invitation_url(email=None, token_type=None):
"""
Returns the verification url.
"""
signup_link = ""
if email and token_type:
try:
prev_token = UserToken.objects.get(email=email,
token_type=token_type,
status=False)
if prev_token:
prev_token.status = True
prev_token.save()
except UserToken.DoesNotExist:
pass
signup_token = UserToken(email=email, token_type=token_type)
signup_token.save()
signup_link = "{0}/signup/invitation/?questr_token={1}".format(
settings.QUESTR_URL, signup_token.get_token())
return signup_link
def get_verification_url(user=None):
"""
Returns the verification url.
"""
verf_link = ""
if user:
try:
prev_token = UserToken.objects.get(email=user.email,
token_type=0,
status=False)
if prev_token:
prev_token.status = True
prev_token.save()
except UserToken.DoesNotExist:
pass
verf_token = UserToken(email=user.email, token_type=0)
verf_token.save()
verf_link = "{0}/user/email/confirm/?questr_token={1}".format(
settings.QUESTR_URL, verf_token.get_token())
return verf_link
def test_token(self):
'''
Do token issuing, encoding/decoding work as expected?
'''
token = UserToken.objects.create(
version='01',
user=self.user1
)
self.assertEqual(token.version, token.string[:2])
self.assertTrue(len(token.string) > 0)
string, version, expires, user = UserToken.decode(token.string)
self.assertEqual(version, token.version)
self.assertEqual(user, token.user.id)
user = UserToken.authenticate(token.string)
self.assertEqual(user, token.user)
self.assertEqual(user, self.user1)
with self.assertRaises(PermissionDenied):
UserToken.authenticate('01-some-bogus-token')
def post(self, request, *args, **kwargs):
data = json.loads(request.body)
username = data.get('email')
password = data.get('password')
try:
credentials = {
get_user_model().USERNAME_FIELD: username,
'password': password
}
user = authenticate(**credentials)
try:
token = user.usertoken.key
except UserToken.DoesNotExist:
obj = UserToken(user=user)
obj.save()
token = obj.key
return JsonResponse({
"username": user.username,
"token": token
},
safe=False)
except User.DoesNotExist:
return JsonResponse({}, status=401)
def start(self):
'''
Start the session. This is a separate method from `launch`
because it is useful for testing when you want to create a
session in the admin and start it from there
'''
if self.started is None:
# Just-in-time initalization of attributes required for running
# a session (to save having to enter these in the admin)
#
# Get the sessions token for the user, creating
# one if necessary
self.token = UserToken.get_sessions_token(self.user).string
# Apply session type limits to this session
# is they have not bee cutomised
if self.memory is None:
self.memory = self.type.memory
if self.cpu is None:
self.cpu = self.type.cpu
if self.network is None:
self.network = self.type.network
# If worker not yet assigned (eg. in admin)
if not self.worker:
# Find the best worker to start the session on
self.worker = Worker.choose(self)
# Start on the worker
self.status = 'Starting'
# Session could be started asynchronously but for now
# it is started here
result = self.worker.start(self)
self.uuid = result.get('uuid')
if result.get('warning'):
logger.warning('Session start warning', exc_info=True, extra=dict(
session=self.id,
warning=result.get('warning')
))
if result.get('error'):
logger.error('Session start error', exc_info=True, extra=dict(
session=self.id,
error=result.get('error')
))
# Update
self.active = True
self.started = timezone.now()
self.save()
def test_start(self):
'''
Has the session started properly?
'''
self.assertEqual(self.session.component, self.stencil)
self.assertEqual(self.session.user, self.user1)
token = UserToken.get_sessions_token(self.user1)
self.assertEqual(self.session.token, token.string)
self.assertEqual(self.session.memory, '1g')
self.assertEqual(self.session.cpu, 1024)
self.assertEqual(self.session.worker, self.worker)
self.assertTrue(self.session.uuid is not None)
self.assertEqual(self.session.status, 'Starting')
self.assertTrue(self.session.started > timezone.now()-datetime.timedelta(seconds=1))
def tokens(request, id=None):
'''
List, create, read, update, delete user tokens
'''
api = API(request)
if id is None:
if api.get:
# List all tokens for the user
tokens = UserToken.objects.filter(
user=request.user
)
return api.respond(tokens)
elif api.post:
# Create a token for the user
token = UserToken.objects.create(
user=request.user,
name=api.optional('name'),
notes=api.optional('notes')
)
return api.respond(token)
else:
# Get token, ensuring it is associated with the
# request user
token = UserToken.get_or_raise(
id=id,
user=request.user
)
if api.get:
# Read it
return api.respond(token)
elif api.patch:
# Update it
token.name = api.optional('name')
token.notes = api.optional('notes')
token.save()
return api.respond(token)
elif api.delete:
# Delete it
token.delete()
return api.respond()
def authenticate(self, stencila_token_auth, **kwargs):
return UserToken.authenticate(stencila_token_auth)
def authenticate(self, stencila_basic_auth, username, password):
if(username == 'Token' or username == ''):
return UserToken.authenticate(password)
return authenticate(username=username, password=password)
def login(request):
try:
data = json.loads(request.POST["data"])
username = data.get("username")
password = data.get("password")
# -- user and pswd checking --
if (username is None and password is None) or (username == "" and password == ""):
return JsonResponse({
"result": "error",
"message": "user and password are empty or none"
})
if username is None or username == "":
return JsonResponse({
"result": "error",
"message": "user is empty or none"
})
if password is None or password == "":
return JsonResponse({
"result": "error",
"message": "password is empty or none"
})
# -- end of user and pswd checking --
# login
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
user_token = get_object_or_None(UserToken, user=user)
if user_token is None:
token_value = Token.generate_value()
user_token = UserToken(token=token_value, user=user)
user_token.save()
return JsonResponse({
"result": "ok",
"username": user.username,
"email": user.email,
"token": user_token.token
})
else:
return JsonResponse({
"result": "error",
"message": "user is not active"
})
else:
return JsonResponse({
"result": "error",
"message": "no user"
})
except Exception as e:
return JsonResponse({
"result": "error",
"message": "something went wrong on the server",
"traceback": str(e)
})
