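class Token:
    """Issue, look up and revoke bearer tokens kept in a Mongo collection.

    A token document is upserted per ``(user_id, client_id)`` pair, so one
    user can hold several live tokens at once (one per client).
    """

    # Field names of a token document.
    TOKEN = 'token'
    USER_ID = 'user_id'
    CREATED_AT = 'created_at'
    CLIENT_ID = 'client_id'
    # Client id recorded when the caller does not supply one.
    DEFAULT_CLIENT_ID = 'default'

    def __init__(self):
        """Bind to the token collection and register expiry on ``created_at``."""
        self.token = Mongo(config.MONGO_TOKEN_COLLECTION)
        # NOTE(review): presumably backed by a MongoDB TTL index - confirm in
        # the Mongo wrapper. TTL removal runs periodically, and validate_token
        # does not compare created_at itself, so a token may still be accepted
        # for a short time after its nominal expiry.
        self.token.expire_after(self.CREATED_AT, config.TOKEN_EXPIRATION)

    def generate(self, user_id, client_id=None):
        """Create a new token for *user_id* on *client_id*.

        Returns a dict holding the token string and ``expire_seconds``.
        """
        # NOTE(review): uuid4 carries 122 random bits; ``secrets`` is the
        # stdlib module meant for bearer secrets, but switching would change
        # the token format clients see.
        token = str(uuid4())
        cid = client_id or self.DEFAULT_CLIENT_ID
        selector = {self.USER_ID: user_id, self.CLIENT_ID: cid}
        # NOTE(review): the token is stored verbatim, so read access to the
        # collection yields usable tokens; storing a digest would avoid that.
        document = {
            self.TOKEN: token,
            self.USER_ID: user_id,
            self.CREATED_AT: datetime.utcnow(),  # naive UTC timestamp
            self.CLIENT_ID: cid,
        }
        # Presumably (selector, replacement): issuing again for the same
        # user/client pair overwrites the earlier token.
        self.token.upsert(selector, document)
        return {self.TOKEN: token, 'expire_seconds': config.TOKEN_EXPIRATION}

    def revoke_all(self, user_id):
        """Remove every token document belonging to *user_id*."""
        # A user can own one document per client_id, so revocation uses the
        # bulk delete_all call (the one Store.delete_all uses for per-user
        # removal) rather than delete, which the rest of the file only uses
        # for single-document selectors.
        self.token.delete_all({self.USER_ID: user_id})

    def validate_token(self, token):
        """Return the user id owning *token*; raise ``Error`` (403) if unknown."""
        # NOTE(review): the value is placed in the query unchanged; confirm
        # callers only pass strings, since a dict value would be read by
        # MongoDB as a query operator document.
        record = self.token.get({self.TOKEN: token})
        if not record:
            raise Error(code=403, message="Invalid token")
        return record.get(self.USER_ID)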
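class User:
    """Account records in Mongo: registration, credential check and removal."""

    # NOTE(review): both field-name literals appeared masked as '******' in
    # this listing, which made the two keys collide in register(). 'password'
    # is the key get() already read; 'username' is presumed - confirm against
    # the stored documents.
    USERNAME = 'username'
    PASSWORD = 'password'
    USER_ID = 'user_id'

    def __init__(self):
        """Bind to the collection named by ``config.MONGO_USERS_COLLECTION``."""
        self.users = Mongo(config.MONGO_USERS_COLLECTION)

    def get(self, username, password):
        """Return the user document (password field removed) for valid credentials.

        Raises ``Error`` (403) with the same message for an unknown username
        and for a wrong password.
        """
        # NOTE(review): username is placed in the query unchanged; confirm
        # callers only pass strings, since a dict value would be read by
        # MongoDB as a query operator document.
        user = self.users.get({self.USERNAME: username})
        # NOTE(review): an unknown username returns before any bcrypt work,
        # so it answers faster than a wrong password; if username enumeration
        # matters, hash against a fixed dummy value in that branch.
        if user and User.__validate_password(password, user.get(self.PASSWORD)):
            # Never hand the stored hash back to the caller.
            del user[self.PASSWORD]
            return user
        raise Error(code=403, message="Invalid credentials")

    def register(self, username, password):
        """Create an account and return its new user id.

        Raises ``Error`` (409) when the username is already taken.
        """
        # NOTE(review): check-then-insert is not atomic; a unique index on
        # the username field is presumably needed to rule out duplicates
        # under concurrent registration - confirm it exists.
        if self.users.get({self.USERNAME: username}):
            raise Error(code=409, message="User already registered")
        user_id = str(uuid4())
        self.users.insert({
            self.USER_ID: user_id,
            self.USERNAME: username,
            self.PASSWORD: User.__hash(password),
        })
        return user_id

    def unregister(self, user_id):
        """Delete the account *user_id* after checking that it exists."""
        self.validate_user_id(user_id)
        self.users.delete({self.USER_ID: user_id})

    def validate_user_id(self, user_id):
        """Raise ``Error`` (403) unless a user with *user_id* exists."""
        user = self.users.get({self.USER_ID: user_id})
        if not user:
            raise Error(code=403, message="Invalid user_id")

    @staticmethod
    def __to_bytes(value):
        """Return *value* as bytes: text is UTF-8 encoded, bytes pass through."""
        return value if isinstance(value, bytes) else value.encode('utf-8')

    @staticmethod
    def __validate_password(input_passwd, user_passwd):
        """Return True when *input_passwd* hashes to the stored *user_passwd*."""
        import hmac

        if not user_passwd:
            # No stored hash: nothing can match.
            return False
        # The stored hash may come back as text or as bytes depending on the
        # driver; normalise so the comparison is bytes against bytes.
        stored = User.__to_bytes(user_passwd)
        candidate = User.__hash(input_passwd, salt=stored)
        # Constant-time comparison instead of ==.
        return hmac.compare_digest(stored, candidate)

    @staticmethod
    def __hash(password, salt=None):
        """Hash *password* with bcrypt, using *salt* or a freshly generated one.

        Passing a stored bcrypt hash as *salt* reuses its embedded salt and
        cost. bcrypt considers at most the first 72 bytes of the password.
        """
        return bcrypt.hashpw(
            User.__to_bytes(password),
            User.__to_bytes(salt) if salt else bcrypt.gensalt())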
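class User:
    """Account records in Mongo: registration, credential check and removal."""

    # NOTE(review): both field-name literals appeared masked as '******' in
    # this listing, which made the two keys collide in register(). 'password'
    # is the key get() already read; 'username' is presumed - confirm against
    # the stored documents.
    USERNAME = 'username'
    PASSWORD = 'password'
    USER_ID = 'user_id'

    def __init__(self):
        """Bind to the collection named by ``config.MONGO_USERS_COLLECTION``."""
        self.users = Mongo(config.MONGO_USERS_COLLECTION)

    def get(self, username, password):
        """Return the user document (password field removed) for valid credentials.

        Raises ``Error`` (403) with the same message for an unknown username
        and for a wrong password.
        """
        # NOTE(review): username is placed in the query unchanged; confirm
        # callers only pass strings, since a dict value would be read by
        # MongoDB as a query operator document.
        user = self.users.get({self.USERNAME: username})
        # NOTE(review): an unknown username returns before any bcrypt work,
        # so it answers faster than a wrong password; if username enumeration
        # matters, hash against a fixed dummy value in that branch.
        if user and User.__validate_password(password, user.get(self.PASSWORD)):
            # Never hand the stored hash back to the caller.
            del user[self.PASSWORD]
            return user
        raise Error(code=403, message="Invalid credentials")

    def register(self, username, password):
        """Create an account and return its new user id.

        Raises ``Error`` (409) when the username is already taken.
        """
        # NOTE(review): check-then-insert is not atomic; a unique index on
        # the username field is presumably needed to rule out duplicates
        # under concurrent registration - confirm it exists.
        if self.users.get({self.USERNAME: username}):
            raise Error(code=409, message="User already registered")
        user_id = str(uuid4())
        self.users.insert({
            self.USER_ID: user_id,
            self.USERNAME: username,
            self.PASSWORD: User.__hash(password),
        })
        return user_id

    def unregister(self, user_id):
        """Delete the account *user_id* after checking that it exists."""
        self.validate_user_id(user_id)
        self.users.delete({self.USER_ID: user_id})

    def validate_user_id(self, user_id):
        """Raise ``Error`` (403) unless a user with *user_id* exists."""
        user = self.users.get({self.USER_ID: user_id})
        if not user:
            raise Error(code=403, message="Invalid user_id")

    @staticmethod
    def __to_bytes(value):
        """Return *value* as bytes: text is UTF-8 encoded, bytes pass through."""
        return value if isinstance(value, bytes) else value.encode('utf-8')

    @staticmethod
    def __validate_password(input_passwd, user_passwd):
        """Return True when *input_passwd* hashes to the stored *user_passwd*."""
        import hmac

        if not user_passwd:
            # No stored hash: nothing can match.
            return False
        # The stored hash may come back as text or as bytes depending on the
        # driver; normalise so the comparison is bytes against bytes.
        stored = User.__to_bytes(user_passwd)
        candidate = User.__hash(input_passwd, salt=stored)
        # Constant-time comparison instead of ==.
        return hmac.compare_digest(stored, candidate)

    @staticmethod
    def __hash(password, salt=None):
        """Hash *password* with bcrypt, using *salt* or a freshly generated one.

        Passing a stored bcrypt hash as *salt* reuses its embedded salt and
        cost. bcrypt considers at most the first 72 bytes of the password.
        """
        return bcrypt.hashpw(
            User.__to_bytes(password),
            User.__to_bytes(salt) if salt else bcrypt.gensalt())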
class Store(object):
    """Per-user key/value storage on top of a Mongo collection.

    Every query includes ``user_id`` next to the key, so lookups are scoped
    to that user; the class trusts the ``user_id`` it is given.
    """

    # Field names of a stored item.
    KEY = 'key'
    VALUE = 'value'
    USER_ID = 'user_id'

    def __init__(self):
        """Bind to the collection named by ``config.MONGO_STORE_COLLECTION``."""
        self.store = Mongo(config.MONGO_STORE_COLLECTION)

    def _selector(self, key, user_id):
        """Build the query matching *key* as owned by *user_id*."""
        return {self.KEY: key, self.USER_ID: user_id}

    @validate_key
    def get(self, key, user_id):
        """Return the value stored under *key* for *user_id*.

        Raises ``Error`` (404) when no such item exists.
        """
        item = self.store.get(self._selector(key, user_id))
        if not item:
            # The requested key is echoed back in the error message.
            raise Error(code=404, message="Key '{}' not found".format(key))
        return item.get(self.VALUE)

    def get_all_keys(self, user_id):
        """Return the list of keys stored for *user_id*."""
        owned = self.store.find_all({self.USER_ID: user_id})
        return [entry.get(self.KEY) for entry in owned]

    @validate_key
    def set(self, key, value, user_id):
        """Create or overwrite the item *key* for *user_id* with *value*."""
        document = {
            self.KEY: key,
            self.VALUE: value,
            self.USER_ID: user_id,
        }
        self.store.upsert(self._selector(key, user_id), document)

    @validate_key
    def delete(self, key, user_id):
        """Remove the item *key* belonging to *user_id*."""
        self.store.delete(self._selector(key, user_id))

    def delete_all(self, user_id):
        """Remove every item belonging to *user_id*."""
        self.store.delete_all({self.USER_ID: user_id})
class Store(object):
    """Per-user key/value storage on top of a Mongo collection.

    Every query includes ``user_id`` next to the key, so lookups are scoped
    to that user; the class trusts the ``user_id`` it is given.
    """

    # Field names of a stored item.
    KEY = 'key'
    VALUE = 'value'
    USER_ID = 'user_id'

    def __init__(self):
        """Bind to the collection named by ``config.MONGO_STORE_COLLECTION``."""
        self.store = Mongo(config.MONGO_STORE_COLLECTION)

    def _selector(self, key, user_id):
        """Build the query matching *key* as owned by *user_id*."""
        return {self.KEY: key, self.USER_ID: user_id}

    @validate_key
    def get(self, key, user_id):
        """Return the value stored under *key* for *user_id*.

        Raises ``Error`` (404) when no such item exists.
        """
        item = self.store.get(self._selector(key, user_id))
        if not item:
            # The requested key is echoed back in the error message.
            raise Error(code=404, message="Key '{}' not found".format(key))
        return item.get(self.VALUE)

    def get_all_keys(self, user_id):
        """Return the list of keys stored for *user_id*."""
        owned = self.store.find_all({self.USER_ID: user_id})
        return [entry.get(self.KEY) for entry in owned]

    @validate_key
    def set(self, key, value, user_id):
        """Create or overwrite the item *key* for *user_id* with *value*."""
        document = {
            self.KEY: key,
            self.VALUE: value,
            self.USER_ID: user_id,
        }
        self.store.upsert(self._selector(key, user_id), document)

    @validate_key
    def delete(self, key, user_id):
        """Remove the item *key* belonging to *user_id*."""
        self.store.delete(self._selector(key, user_id))

    def delete_all(self, user_id):
        """Remove every item belonging to *user_id*."""
        self.store.delete_all({self.USER_ID: user_id})
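class Token:
    """Issue, look up and revoke bearer tokens kept in a Mongo collection.

    A token document is upserted per ``(user_id, client_id)`` pair, so one
    user can hold several live tokens at once (one per client).
    """

    # Field names of a token document.
    TOKEN = 'token'
    USER_ID = 'user_id'
    CREATED_AT = 'created_at'
    CLIENT_ID = 'client_id'
    # Client id recorded when the caller does not supply one.
    DEFAULT_CLIENT_ID = 'default'

    def __init__(self):
        """Bind to the token collection and register expiry on ``created_at``."""
        self.token = Mongo(config.MONGO_TOKEN_COLLECTION)
        # NOTE(review): presumably backed by a MongoDB TTL index - confirm in
        # the Mongo wrapper. TTL removal runs periodically, and validate_token
        # does not compare created_at itself, so a token may still be accepted
        # for a short time after its nominal expiry.
        self.token.expire_after(self.CREATED_AT, config.TOKEN_EXPIRATION)

    def generate(self, user_id, client_id=None):
        """Create a new token for *user_id* on *client_id*.

        Returns a dict holding the token string and ``expire_seconds``.
        """
        # NOTE(review): uuid4 carries 122 random bits; ``secrets`` is the
        # stdlib module meant for bearer secrets, but switching would change
        # the token format clients see.
        token = str(uuid4())
        cid = client_id or self.DEFAULT_CLIENT_ID
        selector = {self.USER_ID: user_id, self.CLIENT_ID: cid}
        # NOTE(review): the token is stored verbatim, so read access to the
        # collection yields usable tokens; storing a digest would avoid that.
        document = {
            self.TOKEN: token,
            self.USER_ID: user_id,
            self.CREATED_AT: datetime.utcnow(),  # naive UTC timestamp
            self.CLIENT_ID: cid,
        }
        # Presumably (selector, replacement): issuing again for the same
        # user/client pair overwrites the earlier token.
        self.token.upsert(selector, document)
        return {self.TOKEN: token, 'expire_seconds': config.TOKEN_EXPIRATION}

    def revoke_all(self, user_id):
        """Remove every token document belonging to *user_id*."""
        # A user can own one document per client_id, so revocation uses the
        # bulk delete_all call (the one Store.delete_all uses for per-user
        # removal) rather than delete, which the rest of the file only uses
        # for single-document selectors.
        self.token.delete_all({self.USER_ID: user_id})

    def validate_token(self, token):
        """Return the user id owning *token*; raise ``Error`` (403) if unknown."""
        # NOTE(review): the value is placed in the query unchanged; confirm
        # callers only pass strings, since a dict value would be read by
        # MongoDB as a query operator document.
        record = self.token.get({self.TOKEN: token})
        if not record:
            raise Error(code=403, message="Invalid token")
        return record.get(self.USER_ID)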