Ejemplo n.º 1
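def get_login_user(request):
    """Resolve the user authenticated by the request's HMAC token.

    The token is taken from the first non-empty entry among
    ``HTTP_AUTHORIZATION``, ``HTTP_AUTH`` and ``HTTP_HTTP_AUTH`` in
    ``request.META``.

    Returns:
        A ``(user, error)`` pair. On success ``error`` is ``None``; on
        failure ``user`` is ``None`` and ``error`` is a dict with a single
        ``error_codename`` key, one of ``empty_hmac``, ``expired_hmac_key``,
        ``invalid_hmac`` or ``invalid_hmac_userid``.
    """
    key = None
    for meta_name in ('HTTP_AUTHORIZATION', 'HTTP_AUTH', 'HTTP_HTTP_AUTH'):
        key = request.META.get(meta_name, None)
        if key:
            break

    if not key:
        return None, dict(error_codename="empty_hmac")

    try:
        at = HMACToken(key)
        # NOTE(review): expiry is evaluated on the parsed token before its
        # signature is verified, so "expired_hmac_key" can be returned for a
        # token whose HMAC was never checked. Treat every error codename as a
        # plain authentication failure; none of them implies a valid signature.
        if not at.check_expiration(settings.TIMEOUT):
            return None, dict(error_codename="expired_hmac_key")

        if not verifyhmac(settings.SHARED_SECRET, key, settings.TIMEOUT, at=at):
            return None, dict(error_codename="invalid_hmac")

        user = User.objects.get(username=at.get_userid())
    except Exception:
        # Fail closed on any error raised while parsing the token or looking
        # up the user. Catching Exception rather than using a bare except lets
        # KeyboardInterrupt and SystemExit propagate instead of being reported
        # as an authentication error.
        # NOTE(review): unrelated failures (e.g. a database error) are also
        # reported as "invalid_hmac_userid"; consider logging the exception.
        return None, dict(error_codename="invalid_hmac_userid")

    return user, None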
Ejemplo n.º 2
    def test_authenticate(self):
        """Check the token issued by authenticate(): it verifies, then expires.

        A first authenticate() call must return 200 with status 'ok' and an
        'auth-token' that verifies under settings.SHARED_SECRET. After a
        3-second wait the same token must fail verification with seconds=3.
        A second authenticate() call is expected to return 400.
        """
        client = JClient()
        credentials = {'username': '******', 'password': '******'}
        first = client.authenticate(self.aeid, credentials)

        self.assertEqual(first.status_code, 200)
        body = json.loads(first.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

        token = body['auth-token']
        # A freshly issued token must carry a valid HMAC.
        self.assertEqual(verifyhmac(settings.SHARED_SECRET, token), True)

        # The expiry check relies on real wall-clock time: wait 3 seconds,
        # then verify with a 3-second window and expect rejection.
        time.sleep(3)
        self.assertEqual(
            verifyhmac(settings.SHARED_SECRET, token, seconds=3), False)

        # NOTE(review): the credentials are masked in this listing, so both
        # payloads look identical; presumably the second one is meant to be
        # invalid, hence the 400 - confirm against the original test.
        credentials = {'username': '******', 'password': '******'}
        second = client.authenticate(self.aeid, credentials)
        self.assertEqual(second.status_code, 400)
Ejemplo n.º 3
    def test_getperms_perm(self):
        """Request a 'create' permission on 'User' and verify the token's HMAC.

        After authenticating, POST to /api/get-perms/ and expect a 200
        response with status 'ok' and a 'permission-token' that verifies
        under settings.SHARED_SECRET.
        """
        client = JClient()
        client.authenticate(self.aeid, test_data.pwd_auth)
        payload = dict(object_type="User", permission="create")
        response = client.post('/api/get-perms/', payload)

        self.assertEqual(response.status_code, 200)
        body = json.loads(response.content.decode('utf-8'))
        self.assertEqual(body['status'], 'ok')

        # Only the signature is checked here; this test does not assert that
        # the token encodes the requested object_type / permission.
        token_ok = verifyhmac(settings.SHARED_SECRET, body['permission-token'])
        self.assertEqual(token_ok, True)
Ejemplo n.º 4
    def test_getperms_perm(self):
        """Check that /api/get-perms/ returns a correctly signed permission token.

        Authenticates first, then asks for the 'create' permission on the
        'User' object type. Expects HTTP 200, status 'ok', and a
        'permission-token' accepted by verifyhmac with settings.SHARED_SECRET.
        """
        client = JClient()
        client.authenticate(self.aeid, test_data.pwd_auth)
        request_body = {"object_type": "User", "permission": "create"}
        resp = client.post('/api/get-perms/', request_body)

        self.assertEqual(resp.status_code, 200)
        parsed = json.loads(resp.content.decode('utf-8'))
        self.assertEqual(parsed['status'], 'ok')

        # The assertion covers signature validity only, not the claims
        # (object type, permission) carried inside the token.
        perm_token = parsed['permission-token']
        self.assertEqual(verifyhmac(settings.SHARED_SECRET, perm_token), True)
Ejemplo n.º 5
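def get_login_user(request):
    """Return the user identified by the request's HMAC token, or None.

    The token is taken from the first non-empty entry among
    ``HTTP_AUTHORIZATION``, ``HTTP_AUTH`` and ``HTTP_HTTP_AUTH`` in
    ``request.META``. ``None`` is returned when no token is present, when
    ``verifyhmac`` rejects it, or when the token cannot be parsed or its
    user id cannot be resolved to a ``User``.
    """
    key = None
    for meta_name in ('HTTP_AUTHORIZATION', 'HTTP_AUTH', 'HTTP_HTTP_AUTH'):
        key = request.META.get(meta_name, None)
        if key:
            break

    if not key:
        return None

    # The signature is verified before the token is parsed, so the user id is
    # only read from a token that verifyhmac accepted. settings.TIMEOUT is
    # passed as the third argument - presumably the maximum token age; confirm
    # against verifyhmac.
    if not verifyhmac(settings.SHARED_SECRET, key, settings.TIMEOUT):
        return None

    try:
        at = AuthToken(key)
        user = User.objects.get(username=at.userid)
    except Exception:
        # Fail closed on any parsing or lookup error. Catching Exception
        # rather than using a bare except lets KeyboardInterrupt and
        # SystemExit propagate instead of being turned into "not logged in".
        return None

    return user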
Ejemplo n.º 6
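def get_login_user(request):
    """Resolve the user authenticated by the request's HMAC token.

    The raw token is obtained with ``get_auth_key(request)``.

    Returns:
        A ``(user, error, hmac_token)`` triple. On success ``error`` is
        ``None``. On failure ``user`` is ``None`` and ``error`` is a dict
        with a single ``error_codename`` key, one of ``empty_hmac``,
        ``expired_hmac_key``, ``invalid_hmac`` or ``invalid_hmac_userid``.
        ``hmac_token`` is the parsed ``HMACToken``, or ``None`` when no key
        was supplied or parsing itself raised.
    """
    key = get_auth_key(request)
    hmac_token = None

    if not key:
        return None, dict(error_codename="empty_hmac"), hmac_token

    try:
        hmac_token = HMACToken(key)
        # NOTE(review): expiry is evaluated on the parsed token before its
        # signature is verified, so "expired_hmac_key" can be returned for a
        # token whose HMAC was never checked. The hmac_token returned on a
        # failure path is unverified input and must not be trusted by callers.
        if not hmac_token.check_expiration(settings.TIMEOUT):
            return None, dict(error_codename="expired_hmac_key"), hmac_token

        signature_ok = verifyhmac(
            settings.SHARED_SECRET, key, settings.TIMEOUT, at=hmac_token)
        if not signature_ok:
            return None, dict(error_codename="invalid_hmac"), hmac_token

        user = User.objects.get(username=hmac_token.get_userid())
    except Exception:
        # Fail closed on any error raised while parsing the token or looking
        # up the user. Catching Exception rather than using a bare except lets
        # KeyboardInterrupt and SystemExit propagate instead of being reported
        # as an authentication error.
        # NOTE(review): unrelated failures (e.g. a database error) are also
        # reported as "invalid_hmac_userid"; consider logging the exception.
        return None, dict(error_codename="invalid_hmac_userid"), hmac_token

    return user, None, hmac_token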