Exemple #1
0
    def get(self, id: Optional[str] = None) -> Optional[Session]:
        """Get detail session from database

		We can use id or not. If id not available, we just need to count
		at least one record, if exist then load it.
		"""
        try:
            # build coll object instance
            coll = self.build_mongo_coll(self.COLLNAME)
            condition = {}

            if id:
                condition['_id'] = ObjectId(id)

            sess = coll.find_one(filter=condition)
            if not sess:
                return None

            session = Session(token=sess.get('token'),
                              locked=sess.get('locked'),
                              profile_id=str(sess.get('profile_id')),
                              id=str(sess.get('_id')))

            return session
        except PyMongoError as exc_pymongo:
            raise StorageError(exc_pymongo)
        except InvalidId as exc_invalid_id:
            raise StorageError(exc_invalid_id)
Exemple #2
0
	def test_unlock_success(self):
		password = Password(raw='test_password', hasher=Sha256Hasher)
		profile = Profile(name='test_name', password=password)

		repo = ProfileRepository(config())
		saved = repo.create(profile)
		self.assertTrue(saved)

		payload = {'name': profile.name}
		token = Token(salt='test_salt', payload=payload, builder=JWTToken)
		session = Session(token=token, locked=False, profile_id=saved.id)

		repo_sec = SecurityRepository(config())
		session_id = repo_sec.register(session)
		session = repo_sec.get(session_id)

		self.assertIsInstance(session, Session)
		self.assertEqual(session.token, token.build().decode())
		self.assertEqual(session.profile_id, str(saved.id))
		self.assertFalse(session.locked)

		repo_sec.lock(id=session_id)
		session = repo_sec.get(session_id)
		self.assertTrue(session.locked)
		
		repo_sec.unlock(id=session_id)
		session = repo_sec.get(session_id)
		self.assertFalse(session.locked)
Exemple #3
0
 def register(self, session: Session) -> str:
     id = str(uuid.uuid4())
     sess = Session(token=session.token,
                    locked=False,
                    profile_id=session.profile_id,
                    id=id)
     self.in_memory[id] = sess
     return id
Exemple #4
0
	def test_remove_success(self):
		password = Password(raw='test_password', hasher=Sha256Hasher)
		profile = Profile(name='test_name', password=password)

		repo = ProfileRepository(config())
		saved = repo.create(profile)
		self.assertTrue(saved)

		payload = {'name': profile.name}
		token = Token(salt='test_salt', payload=payload, builder=JWTToken)
		session = Session(token=token, locked=False, profile_id=saved.id)

		repo_sec = SecurityRepository(config())
		session_id = repo_sec.register(session)
		self.assertIsInstance(session_id, str)
		self.assertTrue(repo_sec.remove(session_id))
		self.assertFalse(repo_sec.is_exist())
Exemple #5
0
    def login(self, salt: str, given_profile: Profile,
              success_cb: LoginSuccessCallback) -> Union[State, Session]:
        """Logging in users

		Raises:
			autowp.core.shared.exceptions.VarTypeError: When given profile is not an instance of Profile
			autowp.core.shared.exceptions.ValidationError: When cannot validate given profile entity
		"""
        typechecker.check(given_profile, Profile, ('given_profile', 'Profile'))
        self.validate_profile(given_profile)

        profile = self.repo_profile.get_detail(given_profile.name)
        if not profile:  # profile not exist
            return State(self.STATE_NAME, self.STATE_FAILED_NO_PROFILE,
                         'Profile not exist')

        password = None
        if isinstance(profile.password, str):
            password = profile.password

        if isinstance(profile.password, Password):
            password = profile.password.hashed

        if given_profile.password.to_hash() != password:
            return State(self.STATE_NAME, self.STATE_FAILED_PASSWORD_MISMTACH,
                         'Password mismatch')

        # use callback to create a session object
        # we need to save this session to our data storage
        # and generate a new session object with an id from storage
        session_raw = success_cb(salt, profile)
        session_id = self.repo.register(session_raw)

        # generate new session
        session = Session(locked=False,
                          token=session_raw.token,
                          id=session_id,
                          profile_id=profile.id)

        return session
Exemple #6
0
 def _login_success_callback(self, salt: str, profile: Profile) -> Session:
     """Build jwt token"""
     payload = {'name': profile.name}
     token = Token(salt=self.config.salt, payload=payload, builder=JWTToken)
     session = Session(token=token, locked=False, profile_id=profile.id)
     return session
Exemple #7
0
def _on_success_cb(salt: str, profile: Profile) -> Session:
    payload = {'name': profile.name}
    token = Token(salt, payload, HashlibToken)
    sess = Session(token=token, locked=False, profile_id=profile.id)
    return sess
Exemple #8
0
	def register(self, session: Session) -> str:
		id = str(uuid.uuid4()) 
		sess = Session(id, session.token, False) 
		self.in_memory[id] = sess
		return id