def list_auth_keys(request):
form = forms.SetAuthCodeDescription(request)
jwt_token = ""
if request.matchdict.get('user_id', ""):
user_id = request.matchdict.get('user_id', "")
else:
user_id = request.user.id
tokens = (request.db.query(models.BearerToken).filter_by(
user_id=user_id).filter(models.BearerToken.revoked == False).all())
if request.method == 'POST' and form.processPostData(request.POST):
exp = datetime.timedelta(days=muesli.config["api"]["KEY_EXPIRATION"])
max_keys = muesli.config["api"].get("MAX_KEYS", 0)
if len(tokens) >= max_keys and max_keys != -1:
raise HTTPBadRequest(
"Sie haben das Maximum von {} Keys überschritten!".format(
max_keys))
token = models.BearerToken(client="Personal Token",
user=request.user,
description=form['description'],
expires=datetime.datetime.utcnow() + exp)
request.db.add(token)
request.db.flush()
jwt_token = request.create_jwt_token(request.user.id,
admin=(request.user.is_admin),
jti=token.id,
expiration=exp)
request.session.flash("Ihr API Token wurde erstellt!",
queue='messages')
request.db.commit()
tokens.append(token)
return {'keys': tokens, 'form': form, 'freshtoken': jwt_token}
def api_login(request):
user = lookup_user(request, request.POST['email'], request.POST['password'])
if user:
exp = datetime.timedelta(days=muesli.config["api"]["KEY_EXPIRATION"])
token = models.BearerToken(client="Personal Token",
user=user,
description="Requested from API",
expires=datetime.datetime.utcnow()+exp
)
request.db.add(token)
request.db.flush()
jwt_token = muesli.utils.create_jwt_token(user.id, admin=(user.is_admin), jti=token.id, expiration=exp)
request.db.commit()
return {
'result': 'ok',
'token': jwt_token
}
return {'result': 'error'}
def api_login(request):
user = request.db.query(models.User).filter_by(
email=request.POST['email'].strip(),
password=sha1(
request.POST['password'].encode('utf-8')).hexdigest()).first()
exp = datetime.timedelta(days=muesli.config["api"]["KEY_EXPIRATION"])
token = models.BearerToken(client="Personal Token",
user=user,
description="Requested from API",
expires=datetime.datetime.utcnow() + exp)
request.db.add(token)
request.db.flush()
jwt_token = request.create_jwt_token(user.id,
admin=(user.is_admin),
jti=token.id,
expiration=exp)
request.db.commit()
if user:
return {'result': 'ok', 'token': jwt_token}
return {'result': 'error'}
