def authenticate(self, authorization: http.Header, settings: Settings) -> Union[Auth, None]: if authorization is None: return None if not authorization.startswith('Bearer '): return None bearer = authorization.split(' ', 1)[1].strip() try: token = jwt.decode( bearer, algorithms=settings['JWT'].get('ALGORITHMS', ['EC256']), secret=settings['JWT'].get('SECRET', ''), **settings['JWT'].get('EXTRA', {}), ) except jwt.MissingRequiredClaimError as ex: log.warning('JWT Missing claim: %s', ex.claim) return None except jwt.InvalidTokenError as ex: log.exception('JWT Invalid Token: %s', ex.__class__.__name__) return None return self.get_account(token)
def put_publisher(session: Session, username: str, full_name: str, img_url: str, email: str, password: str, authorization: http.Header): ba = "".join(authorization.split()) decode = base64.b64decode(ba[5:]).decode('utf-8') usernamex, passwordx = decode.split(':') isAdmin = session.query(Admin).filter_by( username=usernamex).first() and session.query(Admin).filter_by( password=passwordx).first() queryset = session.query(Publisher).filter_by(email=email).first() if isAdmin: if email is not None: if queryset: if queryset and username is not None: queryset.username = username if queryset and full_name is not None: queryset.full_name = full_name if queryset and email is not None: queryset.email = email if queryset and img_url is not None: queryset.img_url = img_url if queryset and password is not None: queryset.password = password return {'message': 'success edit publisher'} else: return {'message': 'email not found !'} else: return {'message': 'please input your email !'} else: return {'massage': 'not authorized'}
def add_culinary(session: Session, auth: Auth, culinary_name: str, description: str, location: str, img_url: str, authorization: http.Header): ba = "".join(authorization.split()) decode = base64.b64decode(ba[5:]).decode('utf-8') username, password = decode.split(':') isPublisher = session.query(Publisher).filter_by( username=username).first() and session.query(Publisher).filter_by( password=password).first() query = session.query(Publisher).filter_by( username=auth.get_user_id()).first() if isPublisher: if query: addCulinary = Culinary(publisher=auth.get_user_id(), culinary_name=culinary_name, description=description, location=location, img_url=img_url) session.add(addCulinary) session.commit() return {'message': 'success add culinary'} else: return {'message': 'error add culinary'} else: return {'message': 'not authorized'}
def resolve(self, cookie: http.Header) -> typing.Dict[str, Cookie]: cookies = dict() if cookie: for c in cookie.split(";"): key, val = c.strip().split("=", 1) cookies[key] = Cookie(val) return cookies
def get_token(session: Session, auth: Auth, authorization: http.Header): if authorization is None: return {'message': 'not authorization and please login'} ba = "".join(authorization.split()) decode = base64.b64decode(ba[5:]).decode('utf-8') username, password = decode.split(':') query_admin = session.query(Admin).filter_by( username=auth.get_user_id()).first() query_publisher = session.query(Publisher).filter_by( username=auth.get_user_id()).first() if query_admin: if query_admin.password == password: return { 'username': auth.get_user_id(), 'user_id': query_admin.id, 'basic_token': ba[5:], } else: return {'message': 'auth Password wrong !'} elif query_publisher: if query_publisher.password == password: return { 'username': auth.get_user_id(), 'user_id': query_publisher.id, 'token': ba[5:], } else: return {'message': 'auth Password wrong !'} else: return {'message': 'error authorization'}
def authenticate(self, authorization: Header): if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'token': return None if token == 'Abigale@123$': return Authenticated('admin', user=User('admin', True))
def authenticate(self, authorization: http.Header, settings: Settings): if not authorization: raise Unauthorized() scheme, token = authorization.split() try: payload = jwt.decode(token, settings['JWT_SECRET'], algorithms=['HS256']) return Authenticated(payload['user_id']) except jwt.exceptions.InvalidTokenError: raise Unauthorized()
def get_token_from_header(authorization: http.Header): if authorization is None: raise AuthenticationFailed('Authorization header is missing.') try: scheme, token = authorization.split() except ValueError: raise AuthenticationFailed( 'Could not seperate Authorization scheme and token.') if scheme.lower() != 'bearer': raise AuthenticationFailed( 'Authorization scheme not supported, try Bearer') return token
def authenticate_user(authorization: http.Header): """ Determine the user associated with a request, using a token Bearer. """ if authorization is None: return None try: scheme, token = authorization.split() if scheme.lower() != 'bearer': return None return User(jwt.decode(token, PUBLIC_KEY, algorithms=['RS256'])) except (ValueError, jwt.InvalidTokenError): return None
def authenticate(self, authorization: http.Header): """ Determine the user associated with a request, using HTTP Basic Authentication. """ if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'basic': return None username, password = base64.b64decode(token).decode('utf-8').split(':') return Authenticated(username)
def authenticate(self, authorization: http.Header): if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'bearer': return None if token != SECRET_KEY: return None return Authenticated('spider')
def get_jwt(authorization: http.Header, settings: Settings): if authorization is None: raise AuthenticationFailed( 'Authorization header is missing.') from None try: scheme, token = authorization.split() except ValueError: raise AuthenticationFailed( 'Could not seperate Authorization scheme and token.') from None if scheme.lower() != 'bearer': raise AuthenticationFailed( 'Authorization scheme not supported, try Bearer') from None return JWT(token=token, settings=settings)
def authenticate(self, authorization: Header, mongo: Database): if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'basic': return None token = base64.b64decode(token).decode("utf-8") username, password = token.split(":") user = mongo.users.find_one({"username": username, "password": password}) if user is not None: username = user['username'] is_admin = user['isAdmin'] return Authenticated(username, user=User(username, is_admin))
def resolve(self, authorization: http.Header) -> User: """ Determine the user associated with a request, using HTTP Basic Authentication. """ if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'basic': return None username, password = base64.b64decode(token).decode('utf-8').split(':') if not self.check_authentication(username, password): raise exceptions.Forbidden('Incorrect username or password.') return User(username)
def add_admin(session: Session, username: str, full_name: str, img_url: str, email: str, password: str, authorization: http.Header): ba = "".join(authorization.split()) decode = base64.b64decode(ba[5:]).decode('utf-8') usernamex, passwordx = decode.split(':') isAdmin = session.query(Admin).filter_by( username=usernamex).first() and session.query(Admin).filter_by( password=passwordx).first() if isAdmin: add_Admin = Admin(username, full_name, img_url, email, password) session.add(add_Admin) session.commit() return {'message': 'success add admin'} else: return {'message': 'not authorized'}
def authenticate(self, authorization: http.Header, session: Session): """ Determine the user associated with a request based on a token sent over the Authorization header. """ if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'token': return None user_token = session.Token.objects.filter(key=token).first() if not user_token: return None return Authenticated(user_token.user.username, user=user_token.user)
def authenticate(self, authorization: http.Header, repository: repo.Repository): if authorization is None: return None scheme, token = authorization.split(' ', 1) if scheme.lower() != 'bearer': return None user = repository.find_token_user(token) if user is None: return None user = repository.find_token_user(token) if user is None: return None return Authenticated(user.email, user=user, token=token)
def delete_publisher(session: Session, email: str, authorization: http.Header): ba = "".join(authorization.split()) decode = base64.b64decode(ba[5:]).decode('utf-8') username, password = decode.split(':') isAdmin = session.query(Admin).filter_by( username=username).first() and session.query(Admin).filter_by( password=password).first() queryset = session.query(Publisher).filter_by(email=email).first() if isAdmin: if queryset: session.delete(queryset) return {"message": "success delete publisher"} else: return {"message": "error delete publisher"} else: return {'massage': 'not authorized'}
def token_logout(authorization: http.Header): from django_apistar.authentication.models import Token if not authorization: return None scheme, token = authorization.split() if scheme.lower() != 'bearer': return None try: user = Token.objects.get(key=token).user except Token.DoesNotExist: return None if user: user.auth_token.delete() return http.JSONResponse({"message": "Logged out."}, status_code=200)
def resolve(self, authorization: http.Header): """ Determine the user associated with a request, using Token Authentication. """ from django_apistar.authentication.models import Token if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'bearer': return None try: user = Token.objects.get(key=token).user except Token.DoesNotExist: return None return user
def authenticate(self, authorization: http.Header, repository: repo.Repository): if authorization is None: return None scheme, token = authorization.split(' ', 1) if scheme.lower() != 'basic': return None username, password = base64.b64decode(token).decode('utf-8').split( ':', 1) user = repository.find_token_user(password) if user is None: return None if username != '' and username != user.email: return None return Authenticated(user.email, user=user, token=password)
def resolve(self, authorization: http.Header) -> User: """ Determina el usuario asociado con una peticion, usando Token de autenticacion """ if authorization is None: return None scheme, token = authorization.split() if scheme.lower() != 'token': return None try: token = jwt.decode(jwt=token, key=SECRET_KEY, algorithm=ALGORITHM) user = UserDAO() user = user.users.find_one({'_id': ObjectId(token['user'])}) if user: return User(_id=str(user['_id']), username=user['username'], groups=user['groups']) except Exception as e: raise exceptions.BadRequest(str(e)) return None
def authenticate(self, authorization: http.Header, settings: Settings): if authorization is None: raise Unauthorized({ 'error_code': 'AuthorizationHeaderMissing', 'message': "Authorization header is missing", }) scheme, token = authorization.split(None, 1) if scheme.lower() != 'bearer': raise Forbidden({ 'error_code': 'InvalidAuthorizationHeaderFormat', 'message': 'Authorization header is in invalid format, should be "Bearer TOKEN"', }) try: token = jwt.decode(token, key=self.pubkey, audience=None, options={'verify_aud': False}) except jwt.InvalidTokenError as e: headers = { 'WWW-Authenticate': 'Bearer error="invalid_token"', } raise Unauthorized( { 'error_code': 'InvalidAccessTokenError', 'message': "Access token is invalid: {token_error}", 'token_error': str(e), }, headers=headers) if token['iss'] != settings['QVARN']['TOKEN_ISSUER']: headers = { 'WWW-Authenticate': 'Bearer error="invalid_token"', } raise Unauthorized( { 'error_code': 'InvalidAccessTokenError', 'message': "Access token is invalid: {token_error}", 'token_error': 'Expected issuer %s, got %s' % (settings['QVARN']['TOKEN_ISSUER'], token['iss']), }, headers=headers) if 'sub' not in token: headers = { 'WWW-Authenticate': 'Bearer error="invalid_token"', } raise Unauthorized( { 'error_code': 'InvalidAccessTokenError', 'message': "Access token is invalid: {token_error}", 'token_error': 'Invalid subject (sub)', }, headers=headers) return Authenticated('user', token=token)