def validate_serial(req_data): """Verify serial in data validates Args: req_data (dict): request with serial and possibly models """ if req_data.get('version') != SCHEMA_COMMON.version: raise util.SRException('serverUpgraded', None) with _global_lock: sim_type = sirepo.template.assert_sim_type(req_data.simulationType) sid = req_data.models.simulation.simulationId req_ser = req_data.models.simulation.simulationSerial curr = read_simulation_json(sim_type, sid=sid) curr_ser = curr.models.simulation.simulationSerial if not req_ser is None: if req_ser == curr_ser: return status = 'newer' if req_ser > curr_ser else 'older' raise util.Error( PKDict( sim_type=sim_type, error='invalidSerial', simulationData=req_data, ), '{}: incoming serial {} than stored serial={} sid={}, resetting client', req_ser, status, curr_ser, sid, )
def logged_in_user(check_path=True): """Get the logged in user Args: check_path (bool): call `simulation_db.user_path` [True] Returns: str: uid of authenticated user """ u = _get_user() if not _is_logged_in(): raise util.SRException( 'login', None, 'user not logged in uid={}', u, ) assert u, \ 'no user in cookie: state={} method={}'.format( cookie.unchecked_get_value(_COOKIE_STATE), cookie.unchecked_get_value(_COOKIE_METHOD), ) if check_path: import sirepo.simulation_db sirepo.simulation_db.user_path(u, check=True) return u
def api_authCompleteRegistration(): # Needs to be explicit, because we would need a special permission # for just this API. if not _is_logged_in(): raise util.SRException(LOGIN_ROUTE_NAME, None) complete_registration( _parse_display_name(http_request.parse_json().get('displayName')), ) return http_reply.gen_json_ok()
def _raise_sbatch_login_srexception(self, reason, msg): raise util.SRException( 'sbatchLogin', PKDict( isModal=True, reason=reason, simulationId=msg.simulationId, simulationType=msg.simulationType, report=msg.computeModel, host=self.cfg.host, ), )
def login_fail_redirect(sim_type=None, module=None, reason=None, reload_js=False): raise util.SRException( 'loginFail', PKDict( method=module.AUTH_METHOD, reason=reason, reload_js=reload_js, sim_type=sim_type, ), 'login failed: reason={} method={}', reason, module.AUTH_METHOD, )
def require_user(): e = None m = cookie.unchecked_get_value(_COOKIE_METHOD) p = None r = 'login' s = cookie.unchecked_get_value(_COOKIE_STATE) u = _get_user() if s is None: e = 'no user in cookie' elif s == _STATE_LOGGED_IN: if m in cfg.methods: f = getattr(_METHOD_MODULES[m], 'validate_login', None) if f: pkdc('validate_login method={}', m) f() return if m in cfg.deprecated_methods: e = 'deprecated' else: e = 'invalid' reset_state() p = PKDict(reload_js=True) e = 'auth_method={} is {}, forcing login: uid='.format(m, e, u) elif s == _STATE_LOGGED_OUT: e = 'logged out uid={}'.format(u) if m in cfg.deprecated_methods: # Force login to this specific method so we can migrate to valid method r = 'loginWith' p = PKDict({':method': m}) e = 'forced {}={} uid={}'.format(m, r, p) elif s == _STATE_COMPLETE_REGISTRATION: if m == METHOD_GUEST: pkdc('guest completeRegistration={}', u) complete_registration() return r = 'completeRegistration' e = 'uid={} needs to complete registration'.format(u) else: cookie.reset_state('uid={} state={} invalid, cannot continue'.format( s, u)) p = PKDict(reload_js=True) e = 'invalid cookie state={} uid={}'.format(s, u) pkdc('SRException uid={} route={} params={} method={} error={}', u, r, p, m, e) raise util.SRException(r, p, 'user not logged in: {}', e)
def logged_in_user(): """Get the logged in user Returns: str: uid of authenticated user """ res = _get_user() if not _is_logged_in(): raise util.SRException( 'login', None, 'user not logged in uid={}', res, ) assert res, 'no user in cookie: state={} method={}'.format( cookie.unchecked_get_value(_COOKIE_STATE), cookie.unchecked_get_value(_COOKIE_METHOD), ) return res
def user_dir_not_found(user_dir, uid): """Called by simulation_db when user_dir is not found Deletes any user records Args: uid (str): user that does not exist """ with auth_db.thread_lock: for m in _METHOD_MODULES.values(): u = _method_user_model(m, uid) if u: u.delete() u = auth_db.UserRegistration.search_by(uid=uid) if u: u.delete() reset_state() raise util.SRException( 'login', PKDict(reload_js=True), 'simulation_db dir={} not found, deleted uid={}', user_dir, uid, )