def login(self, session): """ Logs a user in if their password matches arguments: session -- (Session) object from flask return the response object """ try: sess = GlobalDB.db().session safe_dictionary = RequestDictionary(self.request) username = safe_dictionary.get_value('username') password = safe_dictionary.get_value('password') try: user = sess.query(User).filter( func.lower(User.email) == func.lower(username)).one() except Exception: raise ValueError("Invalid username and/or password") try: if check_correct_password(user, password, self.bcrypt): # We have a valid login return self.create_session_and_response(session, user) else: raise ValueError("Invalid username and/or password") except ValueError as ve: LoginSession.logout(session) raise ve except Exception as e: LoginSession.logout(session) raise e except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)
def login(self, session): """ Logs a user in if their password matches arguments: session -- (Session) object from flask return the response object """ try: sess = GlobalDB.db().session safe_dictionary = RequestDictionary(self.request) username = safe_dictionary.get_value('username') password = safe_dictionary.get_value('password') try: user = sess.query(User).filter(func.lower(User.email) == func.lower(username)).one() except Exception: raise ValueError("Invalid username and/or password") try: if check_correct_password(user, password, self.bcrypt): # We have a valid login return self.create_session_and_response(session, user) else: raise ValueError("Invalid username and/or password") except ValueError as ve: LoginSession.logout(session) raise ve except Exception as e: LoginSession.logout(session) raise e except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)
def login(self, session): """ Logs a user in if their password matches using local data Args: session: the Session object from flask Returns: A JsonResponse containing the user information or details on which error occurred, such as whether a type was wrong, something wasn't implemented, invalid keys were provided, login was denied, or a different, unexpected error occurred. """ try: sess = GlobalDB.db().session safe_dictionary = RequestDictionary(self.request) username = safe_dictionary.get_value('username') password = safe_dictionary.get_value('password') try: user = sess.query(User).filter( func.lower(User.email) == func.lower(username)).one() except Exception: raise ValueError("Invalid username and/or password") try: if check_correct_password(user, password, self.bcrypt): # We have a valid login return self.create_session_and_response(session, user) else: raise ValueError("Invalid username and/or password") except ValueError as ve: LoginSession.logout(session) raise ve except Exception as e: LoginSession.logout(session) raise e # Catch any specifically raised errors or any other errors that may have happened and return them cleanly except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)
def login(self, session): """ Logs a user in if their password matches using local data Args: session: the Session object from flask Returns: A JsonResponse containing the user information or details on which error occurred, such as whether a type was wrong, something wasn't implemented, invalid keys were provided, login was denied, or a different, unexpected error occurred. """ try: sess = GlobalDB.db().session safe_dictionary = RequestDictionary(self.request) username = safe_dictionary.get_value('username') password = safe_dictionary.get_value('password') try: user = sess.query(User).filter(func.lower(User.email) == func.lower(username)).one() except Exception: raise ValueError("Invalid username and/or password") try: if check_correct_password(user, password, self.bcrypt): # We have a valid login return self.create_session_and_response(session, user) else: raise ValueError("Invalid username and/or password") except ValueError as ve: LoginSession.logout(session) raise ve except Exception as e: LoginSession.logout(session) raise e # Catch any specifically raised errors or any other errors that may have happened and return them cleanly except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)
def max_login(self, session): """ Logs a user in if their password matches using MAX Args: session: Session object from flask Returns: A JsonResponse containing the user information or details on which error occurred, such as whether a type was wrong, something wasn't implemented, invalid keys were provided, login was denied, or a different, unexpected error occurred. """ try: safe_dictionary = RequestDictionary(self.request) ticket = safe_dictionary.get_value("ticket") service = safe_dictionary.get_value('service') # Call MAX's serviceValidate endpoint and retrieve the response max_dict = get_max_dict(ticket, service) if 'cas:authenticationSuccess' not in max_dict[ 'cas:serviceResponse']: raise ValueError( "The Max CAS endpoint was unable to locate your session " "using the ticket/service combination you provided.") cas_attrs = max_dict['cas:serviceResponse'][ 'cas:authenticationSuccess']['cas:attributes'] # Grab MAX ID to see if a service account is being logged in max_id_components = cas_attrs['maxAttribute:MAX-ID'].split('_') service_account_flag = (len(max_id_components) > 1 and max_id_components[0].lower() == 's') # Grab the email and list of groups from MAX's response email = cas_attrs['maxAttribute:Email-Address'] try: sess = GlobalDB.db().session user = sess.query(User).filter( func.lower(User.email) == func.lower(email)).one_or_none() # If the user does not exist, create them since they are allowed to access the site because they got # past the above group membership checks if user is None: user = User() user.email = email set_user_name(user, cas_attrs) set_max_perms(user, cas_attrs['maxAttribute:GroupList'], service_account_flag) sess.add(user) sess.commit() except MultipleResultsFound: raise ValueError("An error occurred during login.") return self.create_session_and_response(session, user) # Catch any specifically raised errors or any other errors that may have happened and return them cleanly. # We add the error parameter here because this endpoint needs to provide better feedback, and to avoid changing # the default behavior of the JsonResponse class globally. except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR, error=str(e)) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED, error=str(e)) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR, error=str(e))
def max_login(self, session): """ Logs a user in if their password matches using MAX Args: session: Session object from flask Returns: A JsonResponse containing the user information or details on which error occurred, such as whether a type was wrong, something wasn't implemented, invalid keys were provided, login was denied, or a different, unexpected error occurred. """ try: safe_dictionary = RequestDictionary(self.request) ticket = safe_dictionary.get_value("ticket") service = safe_dictionary.get_value('service') # Call MAX's serviceValidate endpoint and retrieve the response max_dict = get_max_dict(ticket, service) if 'cas:authenticationSuccess' not in max_dict['cas:serviceResponse']: raise ValueError("The Max CAS endpoint was unable to locate your session " "using the ticket/service combination you provided.") cas_attrs = max_dict['cas:serviceResponse']['cas:authenticationSuccess']['cas:attributes'] # Grab MAX ID to see if a service account is being logged in max_id_components = cas_attrs['maxAttribute:MAX-ID'].split('_') service_account_flag = (len(max_id_components) > 1 and max_id_components[0].lower() == 's') # Grab the email and list of groups from MAX's response email = cas_attrs['maxAttribute:Email-Address'] try: sess = GlobalDB.db().session user = sess.query(User).filter(func.lower(User.email) == func.lower(email)).one_or_none() # If the user does not exist, create them since they are allowed to access the site because they got # past the above group membership checks if user is None: user = User() user.email = email set_user_name(user, cas_attrs) set_max_perms(user, cas_attrs['maxAttribute:GroupList'], service_account_flag) sess.add(user) sess.commit() except MultipleResultsFound: raise ValueError("An error occurred during login.") return self.create_session_and_response(session, user) # Catch any specifically raised errors or any other errors that may have happened and return them cleanly. # We add the error parameter here because this endpoint needs to provide better feedback, and to avoid changing # the default behavior of the JsonResponse class globally. except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR, error=str(e)) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED, error=str(e)) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR, error=str(e))
def max_login(self, session): """ Logs a user in if their password matches arguments: session -- (Session) object from flask return the response object """ try: safe_dictionary = RequestDictionary(self.request) # Obtain POST content ticket = safe_dictionary.get_value("ticket") service = safe_dictionary.get_value('service') # Call MAX's serviceValidate endpoint and retrieve the response max_dict = get_max_dict(ticket, service) if 'cas:authenticationSuccess' not in max_dict['cas:serviceResponse']: raise ValueError("You have failed to login successfully with MAX") cas_attrs = max_dict['cas:serviceResponse']['cas:authenticationSuccess']['cas:attributes'] # Grab the email and list of groups from MAX's response email = cas_attrs['maxAttribute:Email-Address'] try: sess = GlobalDB.db().session user = sess.query(User).filter(func.lower(User.email) == func.lower(email)).one_or_none() # If the user does not exist, create them since they are allowed to access the site because they got # past the above group membership checks if user is None: user = User() first_name = cas_attrs['maxAttribute:First-Name'] middle_name = cas_attrs['maxAttribute:Middle-Name'] last_name = cas_attrs['maxAttribute:Last-Name'] user.email = email # Check for None first so the condition can short-circuit without # having to worry about calling strip() on a None object if middle_name is None or middle_name.strip() == '': user.name = first_name + " " + last_name else: user.name = first_name + " " + middle_name[0] + ". " + last_name set_max_perms(user, cas_attrs['maxAttribute:GroupList']) sess.add(user) sess.commit() except MultipleResultsFound: raise ValueError("An error occurred during login.") return self.create_session_and_response(session, user) except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)
def max_login(self, session): """ Logs a user in if their password matches arguments: session -- (Session) object from flask return the response object """ try: safe_dictionary = RequestDictionary(self.request) # Obtain POST content ticket = safe_dictionary.get_value("ticket") service = safe_dictionary.get_value('service') # Call MAX's serviceValidate endpoint and retrieve the response max_dict = get_max_dict(ticket, service) if 'cas:authenticationSuccess' not in max_dict[ 'cas:serviceResponse']: raise ValueError( "You have failed to login successfully with MAX") cas_attrs = max_dict['cas:serviceResponse'][ 'cas:authenticationSuccess']['cas:attributes'] # Grab the email and list of groups from MAX's response email = cas_attrs['maxAttribute:Email-Address'] try: sess = GlobalDB.db().session user = sess.query(User).filter( func.lower(User.email) == func.lower(email)).one_or_none() # If the user does not exist, create them since they are allowed to access the site because they got # past the above group membership checks if user is None: user = User() first_name = cas_attrs['maxAttribute:First-Name'] middle_name = cas_attrs['maxAttribute:Middle-Name'] last_name = cas_attrs['maxAttribute:Last-Name'] user.email = email # Check for None first so the condition can short-circuit without # having to worry about calling strip() on a None object if middle_name is None or middle_name.strip() == '': user.name = first_name + " " + last_name else: user.name = first_name + " " + middle_name[ 0] + ". " + last_name set_max_perms(user, cas_attrs['maxAttribute:GroupList']) sess.add(user) sess.commit() except MultipleResultsFound: raise ValueError("An error occurred during login.") return self.create_session_and_response(session, user) except (TypeError, KeyError, NotImplementedError) as e: # Return a 400 with appropriate message return JsonResponse.error(e, StatusCode.CLIENT_ERROR) except ValueError as e: # Return a 401 for login denied return JsonResponse.error(e, StatusCode.LOGIN_REQUIRED) except Exception as e: # Return 500 return JsonResponse.error(e, StatusCode.INTERNAL_ERROR)