Example #1
    def token_revoke():
        """ POST /token/revoke

            Headers:
              X-Keydom-Session => session token to revoke

            Expires the token presented in the X-Keydom-Session header.
            A missing or unknown token gets the error response generated
            with code 409; an already expired token gets the one generated
            with code 403.
        """

        def _error(code, message):
            # Every failure path serializes the same error envelope.
            body = routing.base.generate_error_response(code=code)
            body["message"] = message
            return json.dumps(body) + "\n"

        session_value = request.headers.get("X-Keydom-Session")

        # An absent header and an unknown token are answered identically,
        # so the response does not reveal which of the two occurred.
        if not session_value:
            return _error(409, "Invalid authentication token.")

        try:
            session = Token.get(Token.token == session_value)
        except Exception:
            return _error(409, "Invalid authentication token.")

        if session.has_expired:
            return _error(
                403, "Authentication token has expired. Request another.")

        # Only the token the caller authenticated with is expired here.
        session.expire()

        return json.dumps(routing.base.generate_bare_response()) + "\n"
Example #2
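    def token_check():
        """ POST /token/check

            Form fields:
              token => the token value to look up

            Looks up the posted token and returns the username it belongs
            to together with its expiry time. An expired token is still
            answered, with "expired": True added to the response. A missing
            or unknown token gets the error response generated with code 409.

            NOTE(review): this handler reads no X-Keydom-Session header, so
            whoever holds a token value (expired or not) learns the owning
            username -- confirm that is intended for this route.
        """

        def _invalid():
            body = routing.base.generate_error_response(code=409)
            body["message"] = "Invalid authentication token."
            return json.dumps(body) + "\n"

        token = request.forms.get("token")

        # Reject an absent or empty field up front, like the header-based
        # handlers do, instead of sending it to the database lookup.
        if not token:
            return _invalid()

        try:
            res = Token.get(Token.token == token)
        except Exception:
            # Was a bare ``except:``, which also swallowed SystemExit and
            # KeyboardInterrupt; a failed lookup is all that belongs here.
            return _invalid()

        resp = routing.base.generate_bare_response()

        # The key is only present for expired tokens; clients must treat
        # its absence as "not expired".
        if res.has_expired:
            resp["expired"] = True

        resp["auth"] = {
            "username": res.for_user.username,
            "expires_at": str(res.expire_time),
        }

        return json.dumps(resp) + "\n"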
Example #3
def token_by_header_data(auth_token):
    """ Look up the Token row matching a client-supplied auth token.

        Returns the Token object when the lookup succeeds, and None when
        auth_token is empty or the lookup raises.

        NOTE(review): no expiry check is made here, so an expired token
        is returned like a live one; callers presumably test has_expired
        themselves -- confirm before treating the result as "valid".
    """

    # Resolved at call time rather than at module import.
    from keydom.models.user import Token

    if not auth_token:
        return None

    try:
        match = Token.get(Token.token == auth_token)
    except Exception:
        # Any lookup failure is reported as "no such token".
        match = None

    return match
Example #4
def token_by_header_data(auth_token):
    """ Resolve a client-supplied auth token to its Token object.

        Gives back the Token object on a successful lookup; gives back
        None for an empty auth_token or when the lookup raises.

        NOTE(review): expiry is not checked in this function, so an
        expired token comes back the same as a live one; verify that
        every caller checks has_expired before trusting the result.
    """

    # Function-scope import, kept where the original had it.
    from keydom.models.user import Token

    found = None

    if auth_token:
        try:
            found = Token.get(Token.token == auth_token)
        except Exception:
            # A failed lookup is indistinguishable from an unknown token.
            found = None

    return found
Example #5
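    def user_tokens():
        """ GET /tokens

            Headers:
              X-Keydom-Session => current session token

            Returns the tokens reported by user.tokens() for the user
            associated with the current token (presumably only the active
            ones -- confirm against the model). A missing or unknown token
            gets the error response generated with code 409, an expired
            one the response generated with code 403.

            NOTE(review): the response carries the raw value of every
            listed token, so one valid session can read the others;
            confirm clients need the full values rather than an
            identifier.
        """

        def _error(code, message):
            body = routing.base.generate_error_response(code=code)
            body["message"] = message
            return json.dumps(body) + "\n"

        auth_token = request.headers.get("X-Keydom-Session")

        if not auth_token:
            return _error(409, "Invalid authentication token.")

        try:
            token = Token.get(Token.token == auth_token)
        except Exception:
            return _error(409, "Invalid authentication token.")

        if token.has_expired:
            return _error(
                403, "Authentication token has expired. Request another.")

        user = token.for_user
        tokens = user.tokens()

        resp = routing.base.generate_bare_response()
        resp["session"] = {
            "username": user.username,
        }

        # Describe each listed token itself. The loop previously read the
        # fields of ``token`` (the session token), so every entry repeated
        # the caller's own token instead of the one being listed.
        resp["tokens"] = [
            {
                "token": str(user_token.token),
                "expires_at": str(user_token.expire_time),
                "created_at": str(user_token.timestamp),
            }
            for user_token in tokens
        ]

        return json.dumps(resp) + "\n"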
Example #6
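    def user_tokens():
        """ GET /tokens

            Headers:
              X-Keydom-Session => current session token

            Returns the tokens reported by user.tokens() for the user
            associated with the current token (presumably only the active
            ones -- confirm against the model). A missing or unknown token
            gets the error response generated with code 409, an expired
            one the response generated with code 403.

            NOTE(review): raw token values for all listed tokens are
            returned to the holder of any single valid token; confirm
            that exposure is intended.
        """

        auth_token = request.headers.get("X-Keydom-Session")

        if not auth_token:
            resp = routing.base.generate_error_response(code=409)
            resp["message"] = "Invalid authentication token."
            return json.dumps(resp) + "\n"

        try:
            token = Token.get(Token.token == auth_token)
        except Exception:
            resp = routing.base.generate_error_response(code=409)
            resp["message"] = "Invalid authentication token."
            return json.dumps(resp) + "\n"

        if token.has_expired:
            resp = routing.base.generate_error_response(code=403)
            resp["message"] = "Authentication token has expired. Request another."
            return json.dumps(resp) + "\n"

        user = token.for_user

        resp = routing.base.generate_bare_response()
        resp["session"] = {
            "username": user.username,
        }
        resp["tokens"] = []

        for user_token in user.tokens():
            # Read the fields of the token being listed. The original
            # read them from ``token`` (the caller's session token), so
            # the list contained the same entry once per token.
            resp["tokens"].append({
                "token": str(user_token.token),
                "expires_at": str(user_token.expire_time),
                "created_at": str(user_token.timestamp),
            })

        return json.dumps(resp) + "\n"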
Example #7
    def user_session():
        """ GET /session

            Headers:
              X-Keydom-Session => current session token

            Validates the token in the X-Keydom-Session header and, when
            it is known and unexpired, returns the username it belongs to
            plus the token's expiry and creation times as strings. A
            missing or unknown token gets the error response generated
            with code 409, an expired one the response generated with
            code 403.
        """

        def _error(code, message):
            # Shared serializer for the three rejection paths.
            body = routing.base.generate_error_response(code=code)
            body["message"] = message
            return json.dumps(body) + "\n"

        header_value = request.headers.get("X-Keydom-Session")

        if not header_value:
            return _error(409, "Invalid authentication token.")

        try:
            session = Token.get(Token.token == header_value)
        except Exception:
            return _error(409, "Invalid authentication token.")

        # The owner is resolved before the expiry check, as before.
        owner = session.for_user

        if session.has_expired:
            return _error(
                403, "Authentication token has expired. Request another.")

        # The token value itself is not echoed back, only its timestamps.
        payload = routing.base.generate_bare_response()
        payload["session"] = {"username": owner.username}
        payload["token"] = {
            "expires_at": str(session.expire_time),
            "created_at": str(session.timestamp),
        }

        return json.dumps(payload) + "\n"
Example #8
    def user_session():
        """ GET /session

            Headers:
              X-Keydom-Session => current session token

            Checks the token sent in X-Keydom-Session. For a known,
            unexpired token the response names the associated user and
            gives the token's expiry and creation times as strings.
            Missing or unknown tokens get the error response generated
            with code 409; expired tokens get the one generated with
            code 403.
        """

        invalid_message = "Invalid authentication token."
        expired_message = "Authentication token has expired. Request another."

        def _reject(code, message):
            failure = routing.base.generate_error_response(code=code)
            failure["message"] = message
            return json.dumps(failure) + "\n"

        presented = request.headers.get("X-Keydom-Session")
        if not presented:
            return _reject(409, invalid_message)

        try:
            record = Token.get(Token.token == presented)
        except Exception:
            # Lookup failures are reported exactly like a missing header.
            return _reject(409, invalid_message)

        # Resolved ahead of the expiry test to keep the original order.
        account = record.for_user

        if record.has_expired:
            return _reject(403, expired_message)

        result = routing.base.generate_bare_response()
        result["session"] = {
            "username": account.username,
        }
        # Only timestamps are returned; the token value is not echoed.
        result["token"] = {
            "expires_at": str(record.expire_time),
            "created_at": str(record.timestamp),
        }

        return json.dumps(result) + "\n"
Example #9
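    def token_revoke_all():
        """ POST /token/revoke/all

            Headers:
              X-Keydom-Session => current session token

            Expires every token returned by user.tokens() for the user
            that owns the presented token. The response maps each token
            value to {"status": "revoked"}, or to {"status": "failed"}
            when expiring that token raised. A missing or unknown token
            gets the error response generated with code 409, an expired
            one the response generated with code 403.
        """

        def _error(code, message):
            body = routing.base.generate_error_response(code=code)
            body["message"] = message
            return json.dumps(body) + "\n"

        auth_token = request.headers.get("X-Keydom-Session")

        if not auth_token:
            return _error(409, "Invalid authentication token.")

        try:
            token = Token.get(Token.token == auth_token)
        except Exception:
            return _error(409, "Invalid authentication token.")

        if token.has_expired:
            return _error(
                403, "Authentication token has expired. Request another.")

        user = token.for_user
        tokens = user.tokens()

        resp = routing.base.generate_bare_response()
        resp["tokens"] = {}

        for user_token in tokens:
            try:
                user_token.expire()
            except Exception:
                # Still best effort: keep going through the remaining
                # tokens, but do not report a token as revoked when its
                # expiry failed and it may still be usable. The bare
                # ``except: pass`` used to hide that from the caller.
                status = "failed"
            else:
                status = "revoked"

            resp["tokens"][user_token.token] = {"status": status}

        return json.dumps(resp) + "\n"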