Example #1
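def auth_by_mail(session: helpers.extend.session,
                 response,
                 mail,
                 passcode=None,
                 captcha=None,
                 api_key=None):
    """Authenticate the user registered under *mail*.

    Three paths are tried in order:

    1. ``api_key`` given: succeeds when it matches one of the user's keys.
    2. ``passcode`` given: the captcha is checked first, then the passcode;
       on a match the passcode is cleared and a fresh key is issued.
    3. Neither given and the mail is not yet verified ("exploration
       account"): the user's first key is returned, or a new one created.

    Args:
        session: Database session used to look up the user.
        response: Not used by this function.
        mail: Address identifying the account.
        passcode: One-time passcode, if the caller has one.
        captcha: Captcha answer; only checked on the passcode path.
        api_key: Existing API key, if the caller has one.

    Returns:
        The result of ``user_with_key(...)`` on success, otherwise the
        result of ``helpers.response.error(...)`` with HTTP 400 (invalid
        mail, failed captcha, unknown user) or HTTP 401 (bad or missing
        credential).
    """
    # Local import: the file's import block is not part of this excerpt.
    import hmac

    def _secrets_equal(stored, supplied):
        """Compare two secrets in time independent of where they differ."""
        try:
            left = stored.encode("utf-8")
            right = supplied.encode("utf-8")
        except (AttributeError, UnicodeError):
            # Not encodable text (e.g. None): keep plain equality semantics.
            return stored == supplied
        return hmac.compare_digest(left, right)

    if not helpers.is_mail(mail):
        return helpers.response.error("user_mail_invalid", falcon.HTTP_400)
    try:
        query = session.query(User).filter(User.mail == mail)
        requested_user = query.one()
        new_key = helpers.make_key()
        # Standard api_key authorization
        if api_key:
            if any(_secrets_equal(stored.api_key, api_key)
                   for stored in requested_user.api_keys):
                return user_with_key(requested_user, api_key)
            return helpers.response.error("API key authentication_failed",
                                          falcon.HTTP_401)
        # Passcode verification
        elif passcode:
            # Captcha gates every passcode attempt, before the comparison.
            # NOTE(review): no attempt counter or passcode expiry is visible
            # here; confirm guessing is limited elsewhere.
            if not helpers.authentication.check_captcha(captcha):
                return helpers.response.error("captcha_verification_failure",
                                              falcon.HTTP_400)
            if _secrets_equal(requested_user.passcode, passcode):
                # Consume passcode so it cannot be replayed
                requested_user.passcode = None
                # Mail already verified: append key
                if requested_user.is_mail_verified:
                    requested_user.api_keys.append(
                        ApiKey(user=requested_user, api_key=new_key))
                # Else mark mail as verified and reset keys, which drops any
                # key handed out while the account was unverified
                else:
                    requested_user.is_mail_verified = True
                    requested_user.api_keys = [
                        ApiKey(user=requested_user, api_key=new_key)
                    ]
                return user_with_key(requested_user, new_key)
            return helpers.response.error("Passcode authentication_failed",
                                          falcon.HTTP_401)
        # Exploration account: no credential is checked on this path, so the
        # key of an unverified account is returned to whoever supplies its
        # address.
        elif not requested_user.is_mail_verified:
            # Ensure there is a key
            if not requested_user.api_keys:
                requested_user.api_keys.append(
                    ApiKey(user=requested_user, api_key=new_key))
            else:
                new_key = requested_user.api_keys[0].api_key
            return user_with_key(requested_user, new_key)
        # Everything failed
        return helpers.response.error("Auhentication required",
                                      falcon.HTTP_401)

    except NoResultFound:
        # This answer differs from the 401s above, so callers can tell
        # whether an address is registered.
        return helpers.response.error("user_not_found", falcon.HTTP_400)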
Example #2
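def register():
    '''
    Register a new user and issue a first API key.

    Reads ``username`` and ``password`` from the JSON request body.
    Responds 400 when the body is not a JSON object or either field is
    empty, and 409 when ``User.create`` raises ``IntegrityError``.
    On success returns the JSON-encoded username and API key with 201.
    '''
    # Local imports: the file's import block is not part of this excerpt.
    import binascii
    import os

    reqjson = request.get_json()
    if not isinstance(reqjson, dict):
        # A missing or non-object body would otherwise fail on .get().
        abort(400)
    username = reqjson.get('username', '')
    password = reqjson.get('password', '')

    if not username or not password:
        logging.debug('Denying access for username of %s', username)
        abort(400)

    try:
        # NOTE(review): the password is passed to User.create as received;
        # confirm the model hashes it with a salted KDF before storing.
        user = User.create(username=username, password=password)
    except IntegrityError as e:
        # The exception gets its own placeholder; passing it as a stray
        # argument makes the logging module fail while formatting.
        logging.error('unable to register user with username %s: %s',
                      username, e)
        abort(409)

    # The key comes from the OS CSPRNG instead of a SHA-1 over the
    # credentials, a microsecond counter and a static salt: it must not be
    # derivable from anything the user or an observer knows. 20 random
    # bytes keep the 40-hex-character shape of the previous keys.
    key = binascii.hexlify(os.urandom(20)).decode('ascii')

    apikey = ApiKey.create(owner=user.id, key=key)

    logging.warning('registered user with username %s', username)
    return jsonify({'username': user.username, 'apikey': apikey.key}), 201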
Example #3
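def generate_key():
    '''
    Generate a new API key for an existing user.

    Reads ``username`` and ``password`` from the JSON request body.
    Responds 400 when the body is not a JSON object, and 403 both for an
    unknown user and for a wrong password, so the two cases look alike to
    the caller. On success returns the JSON-encoded username and API key
    with 201.
    '''
    # Local imports: the file's import block is not part of this excerpt.
    import binascii
    import hmac
    import os

    def _secrets_equal(stored, supplied):
        # Comparison time must not depend on where the values differ.
        try:
            left = stored.encode('utf-8')
            right = supplied.encode('utf-8')
        except (AttributeError, UnicodeError):
            # Not encodable text: keep plain equality semantics.
            return stored == supplied
        return hmac.compare_digest(left, right)

    reqjson = request.get_json()
    if not isinstance(reqjson, dict):
        # A missing or non-object body would otherwise fail on .get().
        abort(400)
    username = reqjson.get('username', '')
    password = reqjson.get('password', '')

    try:
        user = User.get(User.username == username)
    except User.DoesNotExist:
        logging.debug('User does not exist with username of %s', username)
        abort(403)

    # NOTE(review): the stored value is compared with the submitted password
    # directly, which suggests passwords are kept unhashed; confirm, and
    # move to a salted KDF if so.
    if _secrets_equal(user.password, password):
        # The key comes from the OS CSPRNG rather than a SHA-1 over the
        # credentials, a microsecond counter and a static salt. 20 random
        # bytes keep the 40-hex-character shape of the previous keys.
        key = binascii.hexlify(os.urandom(20)).decode('ascii')
        apikey = ApiKey.create(owner=user.id, key=key)
        return jsonify({'username': user.username, 'apikey': apikey.key}), 201
    else:
        logging.debug(
            'Unable to authenticate user to generate API Key for username %s',
            username)
        abort(403)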
Example #4
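def register():
    '''
    Create a user account and hand back its first API key.

    ``username`` and ``password`` are taken from the JSON request body.
    A body that is not a JSON object, or an empty field, gives 400.
    An ``IntegrityError`` from ``User.create`` gives 409.
    Success gives 201 with the JSON-encoded username and API key.
    '''
    # Imported here because the file's import block is outside this excerpt.
    import binascii
    import os

    reqjson = request.get_json()
    if not isinstance(reqjson, dict):
        # Without this guard a None or list body raises on .get() below.
        abort(400)
    username = reqjson.get('username', '')
    password = reqjson.get('password', '')

    if not username or not password:
        logging.debug('Denying access for username of %s', username)
        abort(400)

    try:
        # NOTE(review): User.create receives the password unchanged; verify
        # that it is hashed with a salted KDF before it reaches storage.
        user = User.create(username=username, password=password)
    except IntegrityError as e:
        # The message had one placeholder for two values; the exception now
        # has its own, so the record can be formatted.
        logging.error('unable to register user with username %s: %s',
                      username, e)
        abort(409)

    # An API key is a bearer secret, so it is drawn from the OS CSPRNG.
    # Hashing username, password, a microsecond value and a fixed salt
    # gave a key that could be recomputed by anyone holding those inputs.
    # 20 bytes hex-encode to 40 characters, as the SHA-1 digest did.
    random_key = binascii.hexlify(os.urandom(20)).decode('ascii')

    apikey = ApiKey.create(owner=user.id, key=random_key)

    logging.warning('registered user with username %s', username)
    return jsonify({'username': user.username, 'apikey': apikey.key}), 201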
Example #5
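def generate_key():
    '''
    Issue an additional API key to a user who presents valid credentials.

    ``username`` and ``password`` are taken from the JSON request body.
    A body that is not a JSON object gives 400. An unknown user and a
    wrong password both give 403, so the response does not reveal which
    check failed. Success gives 201 with the JSON-encoded username and
    API key.
    '''
    # Imported here because the file's import block is outside this excerpt.
    import binascii
    import hmac
    import os

    def _secrets_equal(stored, supplied):
        # Constant-time comparison; falls back to == for non-text values.
        try:
            left = stored.encode('utf-8')
            right = supplied.encode('utf-8')
        except (AttributeError, UnicodeError):
            return stored == supplied
        return hmac.compare_digest(left, right)

    reqjson = request.get_json()
    if not isinstance(reqjson, dict):
        # Without this guard a None or list body raises on .get() below.
        abort(400)
    username = reqjson.get('username', '')
    password = reqjson.get('password', '')

    try:
        user = User.get(User.username == username)
    except User.DoesNotExist:
        logging.debug('User does not exist with username of %s', username)
        abort(403)

    # NOTE(review): comparing user.password with the submitted value implies
    # the password is stored as entered; confirm, and switch to verifying a
    # salted KDF hash if that is the case.
    if not _secrets_equal(user.password, password):
        logging.debug('Unable to authenticate user to generate API Key for username %s', username)
        abort(403)

    # An API key is a bearer secret, so it is drawn from the OS CSPRNG
    # instead of being hashed from the credentials, a microsecond value and
    # a fixed salt. 20 bytes hex-encode to 40 characters, as SHA-1 did.
    random_key = binascii.hexlify(os.urandom(20)).decode('ascii')
    apikey = ApiKey.create(owner=user.id, key=random_key)
    return jsonify({'username': user.username, 'apikey': apikey.key}), 201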