def get(self, id: Optional[str] = None) -> Optional[Session]:
"""Get detail session from database
We can use id or not. If id not available, we just need to count
at least one record, if exist then load it.
"""
try:
# build coll object instance
coll = self.build_mongo_coll(self.COLLNAME)
condition = {}
if id:
condition['_id'] = ObjectId(id)
sess = coll.find_one(filter=condition)
if not sess:
return None
session = Session(token=sess.get('token'),
locked=sess.get('locked'),
profile_id=str(sess.get('profile_id')),
id=str(sess.get('_id')))
return session
except PyMongoError as exc_pymongo:
raise StorageError(exc_pymongo)
except InvalidId as exc_invalid_id:
raise StorageError(exc_invalid_id)
def test_unlock_success(self):
password = Password(raw='test_password', hasher=Sha256Hasher)
profile = Profile(name='test_name', password=password)
repo = ProfileRepository(config())
saved = repo.create(profile)
self.assertTrue(saved)
payload = {'name': profile.name}
token = Token(salt='test_salt', payload=payload, builder=JWTToken)
session = Session(token=token, locked=False, profile_id=saved.id)
repo_sec = SecurityRepository(config())
session_id = repo_sec.register(session)
session = repo_sec.get(session_id)
self.assertIsInstance(session, Session)
self.assertEqual(session.token, token.build().decode())
self.assertEqual(session.profile_id, str(saved.id))
self.assertFalse(session.locked)
repo_sec.lock(id=session_id)
session = repo_sec.get(session_id)
self.assertTrue(session.locked)
repo_sec.unlock(id=session_id)
session = repo_sec.get(session_id)
self.assertFalse(session.locked)
def register(self, session: Session) -> str:
id = str(uuid.uuid4())
sess = Session(token=session.token,
locked=False,
profile_id=session.profile_id,
id=id)
self.in_memory[id] = sess
return id
def test_remove_success(self):
password = Password(raw='test_password', hasher=Sha256Hasher)
profile = Profile(name='test_name', password=password)
repo = ProfileRepository(config())
saved = repo.create(profile)
self.assertTrue(saved)
payload = {'name': profile.name}
token = Token(salt='test_salt', payload=payload, builder=JWTToken)
session = Session(token=token, locked=False, profile_id=saved.id)
repo_sec = SecurityRepository(config())
session_id = repo_sec.register(session)
self.assertIsInstance(session_id, str)
self.assertTrue(repo_sec.remove(session_id))
self.assertFalse(repo_sec.is_exist())
def login(self, salt: str, given_profile: Profile,
success_cb: LoginSuccessCallback) -> Union[State, Session]:
"""Logging in users
Raises:
autowp.core.shared.exceptions.VarTypeError: When given profile is not an instance of Profile
autowp.core.shared.exceptions.ValidationError: When cannot validate given profile entity
"""
typechecker.check(given_profile, Profile, ('given_profile', 'Profile'))
self.validate_profile(given_profile)
profile = self.repo_profile.get_detail(given_profile.name)
if not profile: # profile not exist
return State(self.STATE_NAME, self.STATE_FAILED_NO_PROFILE,
'Profile not exist')
password = None
if isinstance(profile.password, str):
password = profile.password
if isinstance(profile.password, Password):
password = profile.password.hashed
if given_profile.password.to_hash() != password:
return State(self.STATE_NAME, self.STATE_FAILED_PASSWORD_MISMTACH,
'Password mismatch')
# use callback to create a session object
# we need to save this session to our data storage
# and generate a new session object with an id from storage
session_raw = success_cb(salt, profile)
session_id = self.repo.register(session_raw)
# generate new session
session = Session(locked=False,
token=session_raw.token,
id=session_id,
profile_id=profile.id)
return session
def _login_success_callback(self, salt: str, profile: Profile) -> Session:
"""Build jwt token"""
payload = {'name': profile.name}
token = Token(salt=self.config.salt, payload=payload, builder=JWTToken)
session = Session(token=token, locked=False, profile_id=profile.id)
return session
def _on_success_cb(salt: str, profile: Profile) -> Session:
payload = {'name': profile.name}
token = Token(salt, payload, HashlibToken)
sess = Session(token=token, locked=False, profile_id=profile.id)
return sess
def register(self, session: Session) -> str: id = str(uuid.uuid4()) sess = Session(id, session.token, False) self.in_memory[id] = sess return id