def test_unable_to_save(json_db_dir): bogus_dir = '/___inexisting_directory___' with pytest.raises(BackendIOException): Cork(bogus_dir, initialize=True, preferred_hashing_algorithm='PBKDF2sha1', pbkdf2_iterations=100000)
def populate_conf_directory(): cork = Cork("example_conf", initialize=True) cork._store.roles["admin"] = 100 cork._store.roles["editor"] = 60 cork._store.roles["user"] = 50 cork._store.save_roles() tstamp = str(datetime.utcnow()) username = password = "******" cork._store.users[username] = { "role": "admin", "hash": cork._hash(username, password), "email_addr": username + "@localhost.local", "desc": username + " test user", "creation_date": tstamp, } username = password = "" cork._store.users[username] = { "role": "user", "hash": cork._hash(username, password), "email_addr": username + "@localhost.local", "desc": username + " test user", "creation_date": tstamp, } cork._store.save_users()
def populate_conf_directory(self, auth_dir): """ Creation of basic auth files. """ logger.info("Creating new authentication files, check STDOUT for the generated admin password.") cork = Cork(auth_dir, initialize=True) cork._store.roles['admin'] = 100 cork._store.roles['access_all'] = 70 cork._store.roles['access_normalized'] = 60 cork._store.roles['public'] = 10 cork._store.save_roles() tstamp = str(datetime.utcnow()) #default admin combo: admin/admin username = '******' password = str(uuid.uuid4()) cork._store.users[username] = { 'role': 'admin', 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': 'Default administrative account', 'creation_date': tstamp } cork._store.save_users() #for security reasons we fdo not want this in the log files. print "A 'admin' account has been created with the password '{0}'".format(password) return cork
def populate_conf_directory(): cork = Cork('example_conf', initialize=True) cork._store.roles['admin'] = 100 cork._store.roles['editor'] = 60 cork._store.roles['user'] = 50 cork._store._savejson('roles', cork._store.roles) tstamp = str(datetime.utcnow()) username = password = '******' cork._store.users[username] = { 'role': 'admin', 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': username + ' test user', 'creation_date': tstamp } username = password = '' cork._store.users[username] = { 'role': 'user', 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': username + ' test user', 'creation_date': tstamp } cork._store._save_users()
def run(*args): #cork (app auth) client = pymongo.MongoClient(app_settings.DATABASE_URI) db = client[app_settings.DATABASE_CORK] db.authenticate(app_settings.DATABASE_USERNAME, app_settings.DATABASE_PASSWORD, app_settings.DATABASE_MAIN) existing = db.users.find_one({"login": "******"}) if existing: return mb = MongoDBBackend(db_name=app_settings.DATABASE_CORK, username=app_settings.DATABASE_USERNAME, password=app_settings.DATABASE_PASSWORD, authdb=app_settings.DATABASE_MAIN, initialize=True) cork = Cork(backend=mb, preferred_hashing_algorithm='scrypt') admin_hash = cork._hash("admin", app_settings.ADMIN_PASSWORD) mb.users._coll.insert({ "login": "******", "email_addr": "*****@*****.**", "desc": "admin user", "role": "admin", "hash": admin_hash, "creation_date": "2012-10-28 20:50:26.286723" }) mb.roles._coll.insert({'role': 'admin', 'val': 100}) #mb.roles._coll.insert({'role': 'editor', 'val': 60}) mb.roles._coll.insert({'role': 'user', 'val': 50})
def populate_conf_directory(out_dir, non_interactive): cork = Cork(out_dir, initialize=True) cork._store.roles['admin'] = 101 cork._store.roles['portal'] = 100 cork._store.roles['experimenter'] = 60 cork._store.save_roles() tstamp = str(datetime.utcnow()) stop = False while not stop: if non_interactive: choice = 'y' stop = True else: choice = input('do you want to add one user? [Y/n]') if choice.lower() == 'y' or choice.lower() == 'yes' or not choice: username, password, role = get_username_and_password( non_interactive) user_cork = { 'role': role, 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': username + ' test user', 'creation_date': tstamp } cork._store.users[username] = user_cork print("Cork user is: %s, password is %s" % (username, password)) else: stop = True cork._store.save_users()
def getAAA(userdb_dir): """ Gets an authentication object for use with cork/bottle. """ # Create default json files for users if not present if not isdir(userdb_dir): makedirs(userdb_dir) if not isfile(userdb_dir + '/register.json'): with open(userdb_dir + '/register.json', 'w') as f: f.write('{}') if not isfile(userdb_dir + '/users.json'): with open(userdb_dir + '/users.json', 'w') as f: now = datetime.now().strftime('%Y-%m-%dT%H:%M:%S.%f') f.write( '{"admin": {"hash": "cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=", "email_addr": "*****@*****.**", "role": "admin", "creation_date": "' + now + '", "desc": "admin test user"}}') if not isfile(userdb_dir + '/roles.json'): with open(userdb_dir + '/roles.json', 'w') as f: f.write('{"admin": 100}') aaa = Cork(userdb_dir) return aaa
def __initialize_cork_role(role_name, role_level): cork = Cork(directory=get_config("api", "cork-files-path", "/etc/softfire/users"), initialize=False) cork._store.roles[role_name] = role_level cork._store.save_roles() logger.debug('Created cork role: {} with level {}.'.format( role_name, role_level))
def setup(engine): Role.metadata.create_all(engine) User.metadata.create_all(engine) # setup cork auth backend = SqlAlchemyBackend(engine.url) aaa = Cork(backend=backend) setattr(__import__(__name__), 'aaa', aaa)
def aaa(mytmpdir): aaa = Cork( mytmpdir, smtp_server="localhost", email_sender="test@localhost", preferred_hashing_algorithm="argon2", ) return aaa
def aaa(mytmpdir): aaa = Cork( mytmpdir, smtp_server="localhost", email_sender="test@localhost", preferred_hashing_algorithm="PBKDF2sha1", pbkdf2_iterations=100000, ) return aaa
def change_pass(pwd): sqlalchemy_backend = Cork(backend=SqlAlchemyBackend(config.db_url)) metadata = MetaData() engine = create_engine(config.db_url) metadata.bind = engine users = Table("users", metadata, extend_existing=True, autoload=True, autoload_with=engine) users.update().where(users.c.username == "transito").values( hash=sqlalchemy_backend._hash("transito", pwd)).execute()
def make_user_admin(*args): username = input("Username: "******"login": username}, {"$set": { "role": "admin" }})
def add_user(Base, session): Users = Base.classes.users sqlalchemy_backend = Cork(backend=SqlAlchemyBackend(config.db_url)) session.add( Users(username="******", role="admin", hash=sqlalchemy_backend._hash("transito", "transito"), email_addr="*****@*****.**", desc="operario", creation_date=str(datetime.now()), last_login=str(datetime.now()))) session.commit() session.close()
def test_initialize_storage(): aaa = Cork(testdir, initialize=True) with open("%s/users.json" % testdir) as f: assert f.readlines() == ['{}'] with open("%s/roles.json" % testdir) as f: assert f.readlines() == ['{}'] with open("%s/register.json" % testdir) as f: assert f.readlines() == ['{}'] with open("%s/views/registration_email.tpl" % testdir) as f: assert f.readlines() == [ 'Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}'] with open("%s/views/password_reset_email.tpl" % testdir) as f: assert f.readlines() == [ 'Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}']
def __initialize_cork_user(username, role, password): cork = Cork(directory=get_config("api", "cork-files-path", "/etc/softfire/users"), initialize=False) user_cork = { 'role': role, 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': username + ' test user', 'creation_date': '{:%Y-%m-%d %H:%M:%S}'.format(datetime.datetime.now()) } cork._store.users[username] = user_cork cork._store.save_users() logger.debug('Created cork user {} with role {}.'.format(username, role))
def get_cork_instance(): smtp_url = 'ssl://{}:{}@smtp.gmail.com:465'.format( app_settings.SMTP_USERNAME, app_settings.SMTP_PASSWORD) cork = Cork( backend=MongoDBBackend(db_name=app_settings.DATABASE_CORK, username=app_settings.DATABASE_USERNAME, password=app_settings.DATABASE_PASSWORD, authdb=app_settings.DATABASE_MAIN, initialize=False), email_sender=app_settings.SMTP_USERNAME + "@gmail.com", smtp_url=smtp_url, preferred_hashing_algorithm='scrypt', pbkdf2_iterations=10, ) return cork
def test_initialize_storage(): jb = JsonBackend(testdir, initialize=True) Cork(backend=jb, preferred_hashing_algorithm='scrypt') with open("%s/users.json" % testdir) as f: assert f.readlines() == ['{}'] with open("%s/roles.json" % testdir) as f: assert f.readlines() == ['{}'] with open("%s/register.json" % testdir) as f: assert f.readlines() == ['{}'] with open("%s/views/registration_email.tpl" % testdir) as f: assert f.readlines() == [ 'Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}'] with open("%s/views/password_reset_email.tpl" % testdir) as f: assert f.readlines() == [ 'Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}']
def test_initialize_storage(json_db_dir): jb = JsonBackend(json_db_dir.strpath, initialize=True) Cork(backend=jb) assert json_db_dir.join('users.json').read() == '{}' assert json_db_dir.join('roles.json').read() == '{}' assert json_db_dir.join('register.json').read() == '{}' return with open("%s/views/registration_email.tpl" % testdir) as f: assert f.readlines() == [ 'Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}' ] with open("%s/views/password_reset_email.tpl" % testdir) as f: assert f.readlines() == [ 'Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}' ]
def initiate_authmgr(self): ''' Internal function to intiate authentication manager ''' self.authBackend = MongoDBBackend(db_name=CONF.mongo_conf['db'], hostname=CONF.mongo_conf['host'], port=CONF.mongo_conf['port'], initialize=False, username=CONF.mongo_conf['username'], password=CONF.mongo_conf['password']) smtp_url = CONF.smtp_url self.authmgr = Cork(backend=self.authBackend, email_sender='*****@*****.**', smtp_url=smtp_url) return self.authmgr
def populate_conf_directory(): cork = Cork('auth', initialize=True) cork._store.roles['admin'] = 100 cork._store.roles['editor'] = 60 cork._store.roles['user'] = 50 cork._store._savejson('roles', cork._store.roles) tstamp = str(datetime.utcnow()) print "Change the usernames and passwords in the code" exit() makeuser(cork, 'admin', 'CHANGEME', tstamp) makeuser(cork, 'someuser', 'CHANGEME', tstamp) makeuser(cork, 'woohoo', 'CHANGEME', tstamp) cork._store._save_users()
def test_initialize_storage(json_db_dir): jb = JsonBackend(json_db_dir.strpath, initialize=True) Cork(backend=jb, preferred_hashing_algorithm="PBKDF2sha1", pbkdf2_iterations=100000) assert json_db_dir.join("users.json").read() == "{}" assert json_db_dir.join("roles.json").read() == "{}" assert json_db_dir.join("register.json").read() == "{}" return with open("%s/views/registration_email.tpl" % testdir) as f: assert f.readlines() == [ "Username:{{username}} Email:{{email_addr}} Code:{{registration_code}}" ] with open("%s/views/password_reset_email.tpl" % testdir) as f: assert f.readlines() == [ "Username:{{username}} Email:{{email_addr}} Code:{{reset_code}}" ]
def create_test_databases(*args): create_databases_with_auth(app_settings.DATABASE_CORK) create_databases_with_auth(app_settings.DATABASE_MAIN) mb = MongoDBBackend(db_name=app_settings.DATABASE_CORK, username=app_settings.DATABASE_USERNAME, password=app_settings.DATABASE_PASSWORD, authdb=app_settings.DATABASE_MAIN, initialize=True) cork = Cork(backend=mb, preferred_hashing_algorithm='scrypt') testuser_hash = cork._hash("testuser", "testuser") mb.users._coll.insert({ "login": "******", "email_addr": "*****@*****.**", "desc": "test user", "role": "user", "hash": testuser_hash, "creation_date": "2012-10-28 20:50:26.286723" })
def populate_conf_directory(): cork = Cork('.', initialize=True) cork._store.roles['admin'] = 100 cork._store._savejson('roles', cork._store.roles) tstamp = str(datetime.utcnow()) username = "" while not username: username = raw_input("Enter admin username: "******"" while not password: password = raw_input("Enter admin password: ") cork._store.users[username] = { 'role': 'admin', 'hash': cork._hash(username, password), 'creation_date': tstamp } cork._store._save_users()
def populate_conf_directory(self): """Populate a directory with valid configuration files, to be run just once The files are not modified by each test """ self._tmpdir = os.path.join(self._tmproot, "cork_functional_test_source") # only do this once, as advertised if os.path.exists(self._tmpdir): return os.mkdir(self._tmpdir) os.mkdir(self._tmpdir + "/example_conf") cork = Cork(os.path.join(self._tmpdir, "example_conf"), initialize=True) cork._store.roles['admin'] = 100 cork._store.roles['editor'] = 60 cork._store.roles['user'] = 50 cork._store.save_roles() tstamp = str(datetime.utcnow()) username = password = '******' cork._store.users[username] = { 'role': 'admin', 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': username + ' test user', 'creation_date': tstamp } username = password = '' cork._store.users[username] = { 'role': 'user', 'hash': cork._hash(username, password), 'email_addr': username + '@localhost.local', 'desc': username + ' test user', 'creation_date': tstamp } cork._store.save_users()
def populate_conf_directory(self): """Populate a directory with valid configuration files, to be run just once The files are not modified by each test """ self._tmpdir = os.path.join(self._tmproot, "cork_functional_test_source") # only do this once, as advertised if os.path.exists(self._tmpdir): return os.mkdir(self._tmpdir) os.mkdir(self._tmpdir + "/example_conf") cork = Cork(os.path.join(self._tmpdir, "example_conf"), initialize=True) cork._store.roles["admin"] = 100 cork._store.roles["editor"] = 60 cork._store.roles["user"] = 50 cork._store.save_roles() tstamp = str(datetime.utcnow()) username = password = "******" cork._store.users[username] = { "role": "admin", "hash": cork._hash(username, password), "email_addr": username + "@localhost.local", "desc": username + " test user", "creation_date": tstamp, } username = password = "" cork._store.users[username] = { "role": "user", "hash": cork._hash(username, password), "email_addr": username + "@localhost.local", "desc": username + " test user", "creation_date": tstamp, } cork._store.save_users()
# admin/admin, demo/demo import bottle from beaker.middleware import SessionMiddleware from cork import Cork from cork.backends import SQLiteBackend import logging logging.basicConfig(format='localhost - - [%(asctime)s] %(message)s', level=logging.DEBUG) log = logging.getLogger(__name__) bottle.debug(True) # Use users.json and roles.json in the local example_conf directory aaa = Cork('example_conf', email_sender='*****@*****.**', smtp_url='smtp://smtp.magnet.ie') def populate_backend(): b = SQLiteBackend('example.db', initialize=True) b.connection.executescript(""" INSERT INTO users (username, email_addr, desc, role, hash, creation_date) VALUES ( 'admin', '*****@*****.**', 'admin test user', 'admin', 'cLzRnzbEwehP6ZzTREh3A4MXJyNo+TV8Hs4//EEbPbiDoo+dmNg22f2RJC282aSwgyWv/O6s3h42qrA6iHx8yfw=', '2012-10-28 20:50:26.286723' );
def test_init(): Cork(testdir)
def __init__(self, datebase_name, static_file_path=None, data_dir='./data', loggly_token=None): cork_dir = os.path.join(data_dir, 'cork') beaker_dir = os.path.join(data_dir, 'beaker') bottle.TEMPLATE_PATH.insert(0,'webapi/views/') #vars which must be visible across all webapi modules shared.static_dir = static_file_path shared.plug = bottle.ext.mongo.MongoPlugin(uri="localhost", db=datebase_name, json_mongo=True) #install mongo plugin for root app install(shared_state.plug) #check if cork files exists cork_files = ['users.json', 'roles.json', 'register.json'] if not set(cork_files).issubset(set(os.listdir(cork_dir))): #if not, create them logger.info('Cork authentication files not found, creating new files.') shared.auth = self.populate_conf_directory(cork_dir) else: shared.auth = Cork(cork_dir) #admin depends on shared.auth import admin #import and mount api version 1 (stable) from webapi.api.v1 import app as api_v1 mount('/api/v1/', api_v1.app) #import and mount development version (unstable) from webapi.api.d import app as api_d mount('/api/d/', api_d.app) #must be imported AFTER mounts. if shared.static_dir is not None: import default_routes #wrap root app in beaker middleware session_opts = { 'session.type': 'file', 'session.cookie_expires': False, 'session.data_dir': beaker_dir, 'session.auto': True, #set secure attribute on cookie 'session.secure': True } self.app = bottle.app() if loggly_token: self.app = Loggly(bottle.app(), loggly_token) self.app = SessionMiddleware(self.app, session_opts) root_app = bottle.app() #setup logging hooks @root_app.hook('before_request') @api_d.app.hook('before_request') @api_v1.app.hook('before_request') def log_request(): user_agent = "" if 'HTTP_USER_AGENT' in bottle.request.environ: user_agent = bottle.request.environ['HTTP_USER_AGENT'] if 'REMOTE_ADDR' in bottle.request.environ: remote_addr = bottle.request.environ['REMOTE_ADDR'] else: remote_addr = "" if 'beaker.session' in bottle.request.environ: session = bottle.request.environ.get('beaker.session') username = session.get('username', None) else: username = "******" logger.info("[{0}/{1}] {2} {3} ({4})".format(remote_addr, username, request.method, request.fullpath, user_agent)) def return_text(self, e): return e.status #make sure error pages for API are pure text api_d.app.default_error_handler = types.MethodType(return_text, self) api_v1.app.default_error_handler = types.MethodType(return_text, self)
def test_unable_to_save(): bogus_dir = '/___inexisting_directory___' Cork(bogus_dir, initialize=True)