def user_apikey_route(user_id, action):
"""manage apikey for user"""
user = User.query.get(user_id)
form = ButtonForm()
if user and form.validate_on_submit():
if action == 'generate':
apikey = PWS.generate_apikey()
user.apikey = PWS.hash_simple(apikey)
db.session.commit()
return jsonify({
'title': 'Apikey operation',
'detail': 'New apikey generated: %s' % apikey
}), HTTPStatus.OK
if action == 'revoke':
user.apikey = None
db.session.commit()
return jsonify({
'title': 'Apikey operation',
'detail': 'Apikey revoked'
}), HTTPStatus.OK
return jsonify({
'title': 'Apikey operation',
'detail': 'Invalid request'
}), HTTPStatus.BAD_REQUEST
def test_addagent_command(runner):
"""add agent command test"""
result = runner.invoke(command, ['add-agent'])
assert result.exit_code == 0
new_apikey = result.output.strip().split(' ')[-1]
assert User.query.first().apikey == PWS.hash_simple(new_apikey)
def apikey():
"""yield valid apikey for user in role agent"""
tmp_apikey = PWS.generate_apikey()
db.session.add(User(username='******', apikey=PWS.hash_simple(tmp_apikey), active=True, roles=['agent']))
db.session.commit()
yield tmp_apikey
def load_user_from_request(req):
"""api authentication; load user form request"""
auth_header = req.headers.get('Authorization')
if auth_header:
apikey = auth_header.replace('Apikey ', '', 1)
if apikey:
return User.query.filter(
User.active, User.apikey == PWS.hash_simple(apikey)).first()
return None
def add_agent():
"""add new agent"""
apikey = PWS.generate_apikey()
agent = User(username=f'agent_{uuid4()}',
apikey=PWS.hash_simple(apikey),
active=True,
roles=['agent'])
db.session.add(agent)
db.session.commit()
print(f'new agent {agent.username} apikey {apikey}')
def apikey(self, value):
"""apikey setter"""
self._apikey = PWS.hash_simple(value) if value else None