def flush_role(cls, role): # Clear collections ACL cache cache.kv.hdel(cls.ACCESS, role.id) if role.is_blocked or role.deleted_at is not None: # End all user sessions prefix = cache.key(cls.TOKENS, "%s." % role.id) cache.flush(prefix=prefix)
def from_token(cls, token_id): state_key = cache.key(cls.TOKENS, token_id) state = cache.get_complex(state_key) if state is None: raise Unauthorized() return cls(state.get("id"), state.get("roles"), is_admin=state.get("is_admin"), token_id=token_id)
def to_token(self): if self.token_id is None: self.token_id = "%s.%s" % (self.id, make_token()) key = cache.key(self.TOKENS, self.token_id) state = { "id": self.id, "roles": list(self.roles), "is_admin": self.is_admin } return self.token_id
def destroy(self): if self.role is not None: self.flush_role(self.role) if self.token_id is not None: cache.delete(cache.key(self.TOKENS, self.token_id))
def _token_session(token): return cache.key("oauth-id-tok", token)
def _oauth_session(token): return cache.key("oauth-sess", token)