def post(self): """ Receipt login handler used by whistleblowers """ request = self.validate_message(self.request.body, requests.ReceiptAuthDesc) receipt = request['receipt'] delay = random_login_delay() if delay: yield deferred_sleep(delay) using_tor2web = self.check_tor2web() try: user_id = yield login_whistleblower(receipt, using_tor2web) finally: yield self.uniform_answers_delay() session = GLSession(user_id, 'whistleblower', 'Enabled') self.write({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()) })
def post(self): """ Receipt login handler used by whistleblowers """ request = self.validate_message(self.request.body, requests.ReceiptAuthDesc) receipt = request['receipt'] delay = random_login_delay() if delay: yield deferred_sleep(delay) using_tor2web = self.check_tor2web() try: user_id = yield login_whistleblower(receipt, using_tor2web) finally: yield self.uniform_answers_delay() session = GLSession(user_id, 'whistleblower', 'Enabled') self.write({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()) })
def post(self): """ Login """ request = self.validate_message(self.request.body, requests.AuthDesc) username = request['username'] password = request['password'] delay = random_login_delay() if delay: yield deferred_sleep(delay) using_tor2web = self.check_tor2web() try: user_id, status, role, pcn = yield login(username, password, using_tor2web) finally: yield self.uniform_answers_delay() session = GLSession(user_id, role, status) self.write({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()), 'status': session.user_status, 'password_change_needed': pcn })
def post(self): """ Login """ request = self.validate_message(self.request.body, requests.AuthDesc) username = request['username'] password = request['password'] delay = random_login_delay() if delay: yield deferred_sleep(delay) using_tor2web = self.check_tor2web() try: user_id, status, role, pcn = yield login(username, password, using_tor2web) finally: yield self.uniform_answers_delay() session = GLSession(user_id, role, status) self.write({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()), 'status': session.user_status, 'password_change_needed': pcn })
def post(self): """ Receipt login handler used by whistleblowers """ request = self.validate_message(self.request.content.read(), requests.ReceiptAuthDesc) receipt = request['receipt'] delay = random_login_delay() if delay: yield deferred_sleep(delay) user_id = yield login_whistleblower(receipt, self.request.client_using_tor) GLSessions.revoke_all_sessions(user_id) session = GLSession(user_id, 'whistleblower', 'Enabled') returnValue({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()) })
def post(self): """ Login """ request = self.validate_message(self.request.content.read(), requests.AuthDesc) username = request['username'] password = request['password'] user_id, status, role, pcn = yield login(username, password, self.request.client_using_tor) # Revoke all other sessions for the newly authenticated user GLSessions.revoke_all_sessions(user_id) session = GLSession(user_id, role, status) returnValue({ 'session_id': session.id, 'role': session.user_role, 'user_id': session.user_id, 'session_expiration': int(session.getTime()), 'status': session.user_status, 'password_change_needed': pcn })
def test_successful_session_update_on_auth_request(self): session = GLSession('admin', 'admin', 'enabled') date1 = session.getTime() self.test_reactor.pump([1] * FUTURE) handler = self.request({}, headers={'X-Session': session.id}) yield handler.get_authenticated() date2 = GLSessions.get(session.id).getTime() self.assertEqual(date1 + FUTURE, date2)
def test_successful_session_update_on_auth_request(self): session = GLSession('admin', 'admin', 'enabled') date1 = session.getTime() self.test_reactor.pump([1] * FUTURE) handler = self.request({}, headers={'X-Session': session.id}) yield handler.get_authenticated() date2 = GLSessions.get(session.id).getTime() self.assertEqual(date1 + FUTURE, date2)