def validate_serial(req_data):
"""Verify serial in data validates
Args:
req_data (dict): request with serial and possibly models
"""
if req_data.get('version') != SCHEMA_COMMON.version:
raise util.SRException('serverUpgraded', None)
with _global_lock:
sim_type = sirepo.template.assert_sim_type(req_data.simulationType)
sid = req_data.models.simulation.simulationId
req_ser = req_data.models.simulation.simulationSerial
curr = read_simulation_json(sim_type, sid=sid)
curr_ser = curr.models.simulation.simulationSerial
if not req_ser is None:
if req_ser == curr_ser:
return
status = 'newer' if req_ser > curr_ser else 'older'
raise util.Error(
PKDict(
sim_type=sim_type,
error='invalidSerial',
simulationData=req_data,
),
'{}: incoming serial {} than stored serial={} sid={}, resetting client',
req_ser,
status,
curr_ser,
sid,
)
def logged_in_user(check_path=True):
"""Get the logged in user
Args:
check_path (bool): call `simulation_db.user_path` [True]
Returns:
str: uid of authenticated user
"""
u = _get_user()
if not _is_logged_in():
raise util.SRException(
'login',
None,
'user not logged in uid={}',
u,
)
assert u, \
'no user in cookie: state={} method={}'.format(
cookie.unchecked_get_value(_COOKIE_STATE),
cookie.unchecked_get_value(_COOKIE_METHOD),
)
if check_path:
import sirepo.simulation_db
sirepo.simulation_db.user_path(u, check=True)
return u
def api_authCompleteRegistration():
# Needs to be explicit, because we would need a special permission
# for just this API.
if not _is_logged_in():
raise util.SRException(LOGIN_ROUTE_NAME, None)
complete_registration(
_parse_display_name(http_request.parse_json().get('displayName')), )
return http_reply.gen_json_ok()
def _raise_sbatch_login_srexception(self, reason, msg):
raise util.SRException(
'sbatchLogin',
PKDict(
isModal=True,
reason=reason,
simulationId=msg.simulationId,
simulationType=msg.simulationType,
report=msg.computeModel,
host=self.cfg.host,
),
)
def login_fail_redirect(sim_type=None, module=None, reason=None, reload_js=False):
raise util.SRException(
'loginFail',
PKDict(
method=module.AUTH_METHOD,
reason=reason,
reload_js=reload_js,
sim_type=sim_type,
),
'login failed: reason={} method={}',
reason,
module.AUTH_METHOD,
)
def require_user():
e = None
m = cookie.unchecked_get_value(_COOKIE_METHOD)
p = None
r = 'login'
s = cookie.unchecked_get_value(_COOKIE_STATE)
u = _get_user()
if s is None:
e = 'no user in cookie'
elif s == _STATE_LOGGED_IN:
if m in cfg.methods:
f = getattr(_METHOD_MODULES[m], 'validate_login', None)
if f:
pkdc('validate_login method={}', m)
f()
return
if m in cfg.deprecated_methods:
e = 'deprecated'
else:
e = 'invalid'
reset_state()
p = PKDict(reload_js=True)
e = 'auth_method={} is {}, forcing login: uid='.format(m, e, u)
elif s == _STATE_LOGGED_OUT:
e = 'logged out uid={}'.format(u)
if m in cfg.deprecated_methods:
# Force login to this specific method so we can migrate to valid method
r = 'loginWith'
p = PKDict({':method': m})
e = 'forced {}={} uid={}'.format(m, r, p)
elif s == _STATE_COMPLETE_REGISTRATION:
if m == METHOD_GUEST:
pkdc('guest completeRegistration={}', u)
complete_registration()
return
r = 'completeRegistration'
e = 'uid={} needs to complete registration'.format(u)
else:
cookie.reset_state('uid={} state={} invalid, cannot continue'.format(
s, u))
p = PKDict(reload_js=True)
e = 'invalid cookie state={} uid={}'.format(s, u)
pkdc('SRException uid={} route={} params={} method={} error={}', u, r, p,
m, e)
raise util.SRException(r, p, 'user not logged in: {}', e)
def logged_in_user():
"""Get the logged in user
Returns:
str: uid of authenticated user
"""
res = _get_user()
if not _is_logged_in():
raise util.SRException(
'login',
None,
'user not logged in uid={}',
res,
)
assert res, 'no user in cookie: state={} method={}'.format(
cookie.unchecked_get_value(_COOKIE_STATE),
cookie.unchecked_get_value(_COOKIE_METHOD),
)
return res
def user_dir_not_found(user_dir, uid):
"""Called by simulation_db when user_dir is not found
Deletes any user records
Args:
uid (str): user that does not exist
"""
with auth_db.thread_lock:
for m in _METHOD_MODULES.values():
u = _method_user_model(m, uid)
if u:
u.delete()
u = auth_db.UserRegistration.search_by(uid=uid)
if u:
u.delete()
reset_state()
raise util.SRException(
'login',
PKDict(reload_js=True),
'simulation_db dir={} not found, deleted uid={}',
user_dir,
uid,
)
