def stop(request, session_id): """ Inform the proxy to stop a session based on session_id. """ if request.method != "POST": return HttpResponse(status=405) r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy( json.dumps({ "operation": "stop_session", "param": session_id, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: try: response = json.loads(response) except ValueError: return HttpResponse(status=500) if ('code' in response) and (response['code'] == 200): return JsonResponse({"proxyResponse": response}, status=200) else: return HttpResponse(status=500) else: time.sleep(.1) # sleep 100ms return HttpResponse(status=408, content='The proxy did not respond')
def stop(request, session_id): """ Inform the proxy to stop a session based on session_id. """ if request.method != "POST": return HttpResponse(status=405) r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy(json.dumps({ "operation": "stop_session", "param": session_id, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: try: response = json.loads(response) except ValueError: return HttpResponse(status=500) if ('code' in response) and (response['code'] == 200): return JsonResponse({"proxyResponse": response}, status=200) else: return HttpResponse(status=500) else: time.sleep(.1) # sleep 100ms return HttpResponse(status=408, content='The proxy did not respond')
def stop(request): """ Stop the proxy. """ if request.method != "GET": return HttpResponse(status=405) from api.models import redis_wrapper r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy(json.dumps({ "operation": "stop", "param": None, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: try: response = json.loads(response) except ValueError: return HttpResponse(status=500) if ('code' in response) and (response['code'] == 200): return JsonResponse({"proxyResponse": response}, status=200) else: return HttpResponse(status=500) else: time.sleep(.1) # sleep 100ms return HttpResponse(status=408)
def stop(request): """ Stop the proxy. """ if request.method != "GET": return HttpResponse(status=405) from api.models import redis_wrapper r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy( json.dumps({ "operation": "stop", "param": None, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: try: response = json.loads(response) except ValueError: return HttpResponse(status=500) if ('code' in response) and (response['code'] == 200): return JsonResponse({"proxyResponse": response}, status=200) else: return HttpResponse(status=500) else: time.sleep(.1) # sleep 100ms return HttpResponse(status=408)
def valid_token(self): """ Validate token in self.token_string against redis backend. """ from api.models import redis_wrapper from django.conf import settings r = redis_wrapper.init_redis() username = r.get(self.token_string) if username is None: return False else: self.username = username r.expire(self.token_string, settings.TOKEN_TTL) # renew the token expiration return True
def login(request): """ Authenticates given 'username' and 'password_hash' against user in database. """ if request.method != 'POST': r = HttpResponse('Invalid method. Only POST method accepted.', status=405) r['Allow'] = 'POST' return r try: in_json = json.loads(request.body) assert "username" in in_json assert "password" in in_json except AssertionError: return HttpResponseBadRequest("argument mismatch") except ValueError as e: return HttpResponseBadRequest("invalid JSON") dbc = db_model.connect() user = dbc.hbuser.find_one({"username": in_json['username']}) if user is None: # not returning "user not found" to avoid attackers to guess valid users return HttpResponse(status=401) else: m = hashlib.sha512() m.update(in_json['password']) password_hash = m.hexdigest() if user['password'] == password_hash: m = hashlib.sha512() m.update(os.urandom(64)) token_string = m.hexdigest() from api.models import redis_wrapper r = redis_wrapper.init_redis() r.set(token_string, user['username'], settings.TOKEN_TTL) # Store tokens to expire in 1 hour r = HttpResponse() r['X-Auth-Token'] = token_string logger.info("login success for user '%s'" % in_json['username']) return r else: logger.info("login failed for user '%s'" % in_json['username']) return HttpResponse(status=401)
def stop(request, recording_id): """ Stop a recording, and wait N seconds for the proxy to acknowledge." """ from api.models import redis_wrapper r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy( json.dumps({"operation": "stop_recording", "param": recording_id, "key": response_key}) ) logger.info("recording '%s' stopped by '%s'" % (recording_id, request.user["username"])) for i in range(0, 50): response = r.get(response_key) if response is not None: return JsonResponse({"proxyResponse": response}) else: time.sleep(0.1) # sleep 100ms return JsonResponse({"proxyResponse": None}, status=503)
def start(request, session_id): """ Inform the proxy to start a session based on session_id. """ if request.method != "POST": return HttpResponse(status=405) r = redis_wrapper.init_redis() response_key = str(ObjectId()) dbc = db_model.connect() try: session = dbc.session.find_one({"_id": ObjectId(session_id)}) except InvalidId: return HttpResponseNotFound() if session is None: return HttpResponseNotFound() session['executions'] += 1 dbc.session.save(session) redis_wrapper.publish_to_proxy( json.dumps({ "operation": "start_session", "param": session_id, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: try: response = json.loads(response) except ValueError: return HttpResponse(status=500) if ('code' in response) and (response['code'] == 200): return JsonResponse({"proxyResponse": response}, status=200) else: return HttpResponse(status=500) else: time.sleep(.1) # sleep 100ms return HttpResponse(status=408, content='The proxy did not respond')
def stop(request, recording_id): """ Stop a recording, and wait N seconds for the proxy to acknowledge." """ from api.models import redis_wrapper r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy( json.dumps({ "operation": "stop_recording", "param": recording_id, "key": response_key, })) logger.info("recording '%s' stopped by '%s'" % (recording_id, request.user['username'])) for i in range(0, 50): response = r.get(response_key) if response is not None: return JsonResponse({"proxyResponse": response}) else: time.sleep(.1) # sleep 100ms return JsonResponse({"proxyResponse": None}, status=503)
def start(request, session_id): """ Inform the proxy to start a session based on session_id. """ if request.method != "POST": return HttpResponse(status=405) r = redis_wrapper.init_redis() response_key = str(ObjectId()) dbc = db_model.connect() try: session = dbc.session.find_one({"_id": ObjectId(session_id)}) except InvalidId: return HttpResponseNotFound() if session is None: return HttpResponseNotFound() session['executions'] += 1 dbc.session.save(session) redis_wrapper.publish_to_proxy(json.dumps({ "operation": "start_session", "param": session_id, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: try: response = json.loads(response) except ValueError: return HttpResponse(status=500) if ('code' in response) and (response['code'] == 200): return JsonResponse({"proxyResponse": response}, status=200) else: return HttpResponse(status=500) else: time.sleep(.1) # sleep 100ms return HttpResponse(status=408, content='The proxy did not respond')
def status(request): """ Return status of proxy. """ if request.method != "GET": return HttpResponse(status=405) from api.models import redis_wrapper r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy(json.dumps({ "operation": "status", "param": None, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: return JsonResponse({"proxyStatus": response}) else: time.sleep(.1) # sleep 100ms return JsonResponse({"proxyStatus": None}, status=503)
def status(request): """ Return status of proxy. """ if request.method != "GET": return HttpResponse(status=405) from api.models import redis_wrapper r = redis_wrapper.init_redis() response_key = str(ObjectId()) redis_wrapper.publish_to_proxy( json.dumps({ "operation": "status", "param": None, "key": response_key, })) for i in range(0, 50): response = r.get(response_key) if response is not None: return JsonResponse({"proxyStatus": response}) else: time.sleep(.1) # sleep 100ms return JsonResponse({"proxyStatus": None}, status=503)
def get(request): """ Retrieve traffic from redis backend. """ r = redis_wrapper.init_redis() key = 'token:%s' % (request.token_string,) last_score = r.hget(key, 'last_score') if last_score: last_score = int(last_score) else: # get the last score from Redis traffic = r.zrevrange('heliosburn.traffic', 0, 0, withscores=True) last_score = int(traffic[0][1])+1 if len(traffic) > 0 else 0 traffic = r.zrangebyscore('heliosburn.traffic', last_score, '+inf', withscores=True) requests = [] for message in traffic: request = json.loads(message[0]) requests.append(request) score = int(message[1]) # update the last_time to obtain new traffic the next time if score > last_score: last_score = score + 1 # increment by 1 to avoid getting the last request again # update last score of the user r.hset(key, 'last_score', last_score) r = { "count": len(requests), "requests": requests } return JsonResponse(r)