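def authenticateUserFromToken(self, token):
    '''
    Checks the user authentication by token.

    Looks the user up with User().getUserByToken(token), re-checks that the
    stored token equals the presented one and that its timestamp is not
    expired, and returns a UserData object carrying that token.

    Raises UserTokenExpired when the token matches but has expired, and
    unauthorizedRequest when the token is missing or any other step fails.

    The token value is never written to the log. It is a bearer credential,
    so a copy in a debug log would let anyone with log access reuse it until
    it expires. Log lines identify the user by id instead.
    '''
    exception1 = unauthorizedRequest('Invalid authentication credentials')
    if token is None:
        raise exception1
    try:
        logging.info("Get user credentials and check token.")
        user = User().getUserByToken(token)
        logging.debug("Looked up the user for the presented token.")
        if user.token == token:
            # Fail closed: only an explicit False from the expiry check is
            # accepted as "still valid"; any other result is treated as expired.
            if self.__isAnExpiredToken(user.token_timestamp) == False:  # noqa: E712
                tenantName = User().getTenantName(user.tenant_id)
                userobj = UserData(user.id, user.username, tenantName, user.mail)
                userobj.setToken(user.token, user.token_timestamp)
                logging.debug("Found a valid token for user %s.", user.id)
                return userobj
            logging.debug("Found an expired token for user %s.", user.id)
            raise UserTokenExpired("Token expired. You must authenticate again with user/pass")
        # Stored token differs from the presented one: handled as "not found" below.
        raise Exception
    except UserTokenExpired:
        # Let the caller tell "expired" apart from "invalid"; bare raise keeps the traceback.
        raise
    except Exception:
        # Every other failure (lookup error, mismatch, tenant lookup) collapses
        # into the same generic unauthorized response.
        logging.debug("User token not found.")
        raise exception1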
def authenticateUserFromCredentials(self, credentials):
    '''
    Authenticate from a credentials mapping and return a session token.

    credentials must contain the keys "username" and "password"; otherwise
    unauthorizedRequest('Authentication credentials required') is raised.
    On a password match the stored token is returned if it exists and is not
    expired; otherwise a new token is generated, stored and returned.
    A password mismatch raises unauthorizedRequest('Login failed').
    '''
    if "username" not in credentials or "password" not in credentials:
        raise unauthorizedRequest('Authentication credentials required')
    supplied_name = credentials["username"]
    supplied_secret = credentials["password"]

    account = User().getUser(supplied_name)

    # NOTE(review): the submitted password is compared directly with
    # account.password, and the hashing step (self.getPasswordHash(password))
    # is commented out in the original. This looks like the stored value is
    # the plaintext password - confirm; if so, store a salted password hash
    # and compare against that instead.
    if not (account.password == supplied_secret):
        logging.debug("Wrong password")
        raise unauthorizedRequest('Login failed')

    # Reuse the stored token only when the expiry check says exactly False.
    has_live_token = (
        account.token is not None
        and self.isAnExpiredToken(account.token_timestamp) is False
    )
    if has_live_token:
        logging.debug("User successfully authenticated")
        return account.token

    # No usable token: generate one, persist it for this user, hand it back.
    fresh_token, fresh_timestamp = self.generateToken()
    User().setNewToken(account.id, fresh_token, fresh_timestamp)
    return fresh_token
def ServiceCreateToken(self):
    '''
    @author: Alex Palesandro

    Wraps createToken() and rejects an unusable result.

    For IDENTITY_API_VERSION 2 the token id is read from
    self.tokendata['access']['token']['id']: a None id raises
    unauthorizedRequest, any other value is stored in self.token.
    For any other API version nothing is checked or stored here.
    '''
    self.createToken()

    if IDENTITY_API_VERSION != 2:
        # Other versions fall through with self.token left untouched.
        return

    issued_id = self.tokendata['access']['token']['id']
    if issued_id is None:
        raise unauthorizedRequest ("HTTPUnauthorized: Token not valid")
    self.token = issued_id
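def authenticateUserFromTokenUserId(self, token, user_id):
    '''
    Checks the user authentication by token/user_id.

    Loads the user with User().getUserByID(user_id), checks that the stored
    token equals the presented one and has not expired, and returns a
    UserData object carrying that token.

    Raises unauthorizedRequest when the token is missing or when any step
    fails (unknown user, token mismatch, expired token, lookup error). All
    failures produce the same response, so a caller cannot tell them apart.
    '''
    # Function-scope import: the file's import block is not visible from here.
    import hmac

    exception1 = unauthorizedRequest('Invalid authentication credentials')
    if token is None:  # user_id is not checked here; a bad id fails in the lookup below
        raise exception1
    try:
        logging.info("Get user credentials and check token.")
        user = User().getUserByID(user_id)
        logging.debug("Check the token of user "+str(user_id)+".")
        # The user is selected by id, so this comparison alone decides whether
        # the presented secret is right. Compare in constant time so response
        # timing does not reveal how many leading characters matched.
        try:
            token_matches = hmac.compare_digest(user.token, token)
        except TypeError:
            # compare_digest rejects None, mixed str/bytes and non-ASCII str;
            # keep the original equality result for those inputs.
            token_matches = user.token == token
        # Fail closed: only an explicit False from the expiry check is accepted.
        if token_matches and self.__isAnExpiredToken(user.token_timestamp) == False:  # noqa: E712
            tenantName = User().getTenantName(user.tenant_id)
            userobj = UserData(user.id, user.username, tenantName, user.mail)
            userobj.setToken(user.token, user.token_timestamp)
            logging.debug("Found user "+str(user_id)+" with a valid token.")
            return userobj
        raise Exception
    except Exception:
        # This handler is reached for an unknown user and also for a wrong or
        # expired token, so the log line must not claim "not found".
        logging.debug("Authentication failed for user "+str(user_id)+".")
        raise exception1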
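def authenticateUserFromCredentials(self, username, password, tenant):
    '''
    Checks the user authentication by username/password/tenant.

    Hashes the submitted password with self.__getPasswordHash and compares it
    with the stored user.pwdhash. When tenant is not None it must equal the
    user's tenant name. On success returns a UserData object carrying the
    current token, or a newly issued and stored one if there is no token or
    it has expired.

    Raises unauthorizedRequest for a missing username/password, a wrong
    password or a wrong tenant; the response is the same in every case.
    '''
    # Function-scope import: the file's import block is not visible from here.
    import hmac

    exception1 = unauthorizedRequest('Invalid authentication credentials')
    if username is None or password is None:  # tenant is optional
        raise exception1

    logging.info("Get user credentials and check password.")
    # NOTE(review): what getUserByUsername does for an unknown username is not
    # visible here - confirm it also ends in unauthorizedRequest, so responses
    # do not distinguish unknown users from wrong passwords.
    user = User().getUserByUsername(username)

    # Check password: compare the hashes in constant time so response timing
    # does not leak how much of the stored hash matched.
    pwdhash_check = self.__getPasswordHash(password)
    try:
        password_ok = hmac.compare_digest(user.pwdhash, pwdhash_check)
    except TypeError:
        # compare_digest rejects None, mixed str/bytes and non-ASCII str;
        # keep the original equality result for those inputs.
        password_ok = user.pwdhash == pwdhash_check
    if not password_ok:
        logging.debug("Wrong password.")
        raise exception1

    # Check tenant
    tenantName = User().getTenantName(user.tenant_id)
    if tenant is not None and tenantName != tenant:
        logging.debug("Wrong tenant.")
        raise exception1

    userobj = UserData(user.id, user.username, tenantName, user.mail)

    logging.info("Check current token. Get a new token, if it is needed.")
    if user.token is None or self.__isAnExpiredToken(user.token_timestamp):
        # No token yet, or the stored one expired: issue and persist a new one.
        token, token_timestamp = User().getNewToken(user.id)
        userobj.setToken(token, token_timestamp)
        User().setNewToken(user.id, token, token_timestamp)
        logging.debug("New token generated")
    else:
        userobj.setToken(user.token, user.token_timestamp)
        logging.debug("Current token is valid.")
    return userobj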
def authenticateUserFromRESTRequest(self, request):
    '''
    Authenticate a REST request from its X-Auth-Token header.

    Reads the header with request.headers.get("X-Auth-Token"). A header that
    is absent (None) raises unauthorizedRequest('Token required'); any other
    value, including an empty string, is passed to
    self.authenticateUserFromToken, whose result is returned.
    '''
    presented_token = request.headers.get("X-Auth-Token")
    if presented_token is not None:
        return self.authenticateUserFromToken(presented_token)
    raise unauthorizedRequest('Token required')