def post(self):
self.set_header('Content-Type', 'application/json')
try:
print self.request.body
data = json.loads(self.request.body)
except ValueError as e:
self.set_status(400)
return self.write(
json.dumps({"message": "username and password are required!"}))
username = data.get("username", None)
password = data.get("password", None)
if username and password:
session = DBSession()
try:
user = session.query(User).filter(
User.username == username).one()
except Exception as e:
logger.error("query db failed, %s" % e.message)
user = None
self.set_status(403)
self.write(
json.dumps({"message": "user %s not exist!" % username}))
finally:
session.close()
if user:
if hashlib.sha256(password).hexdigest() == user.password:
payload = {
'id':
user.id,
'username':
username,
'exp':
datetime.datetime.utcnow() +
datetime.timedelta(seconds=43200),
}
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
response = {'token': token}
self.write(response)
else:
self.set_status(403)
self.write(
json.dumps({"message": 'authentication failed!'}))
else:
self.set_status(400)
self.write(
json.dumps({"message": 'username and password are required.'}))
class SysUserHandler(RequestHandler, CommonMiXin):
executor = ThreadPoolExecutor(THREAD_POOL_MAX)
def __init__(self, *args, **kwargs):
super(SysUserHandler, self).__init__(*args, **kwargs)
self.validate_data = Dict()
self.session = DBSession()
def _validate_json(self):
try:
data = json.loads(self.request.body)
self.validate_data.data = data
except ValueError as e:
logger.error("dump input data error: %s" % e.message)
raise WorkFlowError("input data must be json data structure!")
def _validate_required(self):
required_field = ['resource', 'username']
for required in required_field:
if required not in self.validate_data.data:
raise WorkFlowError("%s must be required!" % required)
self.validate_data.resource = self.validate_data.data['resource']
self.validate_data.username = self.validate_data.data['username']
self.validate_data.key_pass = self.validate_data.data.get(
"key_pass", None)
def validate(self):
try:
self._validate_json()
self._validate_required()
except Exception as e:
return False, e.message
return True, None
@gen.coroutine
def post(self):
self.add_my_header()
status, message = self.validate()
if status:
response = yield self.add_system_user(self.validate_data.resource,
self.validate_data.username,
self.validate_data.key_pass)
code = 200
else:
code = 400
response = message
self.my_response(code, response)
@gen.coroutine
def put(self):
self.ImplementError()
@gen.coroutine
def get(self):
self.ImplementError()
@gen.coroutine
def delete(self, *args, **kwargs):
self.add_my_header()
status, message = self.validate()
if status:
response = yield self.del_system_user(self.validate_data.resource,
self.validate_data.username)
code = 200
else:
code = 400
response = message
self.my_response(code, response)
@run_on_executor
def add_system_user(self, resource, username, key_password):
"""
use ansible shell module to execute command on inventory.
Args:
resource: inventory resource, see Resource Class
username: which user you want to add
key_password: the ssh private key password
Returns:
AnsibleReuslt: AnsibleResult instance, contain the all ansible return information.
"""
task = Task(resource)
key_dir = os.path.join(SSH_KEY_DIR, uuid4().hex)
private, public = gen_keys(key_password)
pri_file, pub_file = save_key_to_file(private, public, key_password,
key_dir)
add_user = task.add_user(username)
add_key = task.push_key(username, pub_file)
try:
ssh_key = SSHKey(username=username,
private_key=private,
public_key=public,
key_password=key_password,
cache_dir=key_dir)
self.session.add(ssh_key)
self.session.commit()
except Exception as e:
self.session.rollback()
logger.error("save ssh key instance to database failed!, %s" %
e.message)
finally:
self.session.close()
result = {
"add_user": add_user.result_deal,
"add_key": add_key.result_deal
}
return result
@run_on_executor
def del_system_user(self, resource, username):
"""
use ansible shell module to execute command on inventory.
Args:
resource: inventory resource, see Resource Class
username: which user you want to add
Returns:
AnsibleReuslt: AnsibleResult instance, contain the all ansible return information.
"""
task = Task(resource)
del_user = task.del_user(username)
return del_user.result_deal
class MyPlaybook(ResourceBase):
"""
this is my playbook object for execute playbook.
Attributes:
resource: resource dict ,see ResourceBase class
playbook_path: relational playbook path, the default playbook directory is: <PLAYBOOK_DIR>
req: required id
model: sqlalchemy data model
ws_function: web socket write message function
"""
def __init__(self, resource, playbook_path, req_id, model):
super(MyPlaybook, self).__init__(resource)
self.results_raw = None
self.playbook_path = playbook_path
self.req = req_id
self.model = model
self.count = 0
self.session = DBSession()
def save(self, msg):
if isinstance(msg, dict):
msg = json.dumps(msg)
states = 'SUCCESS'
else:
states = 'STARTED'
try:
msg = msg.decode('utf-8')
except UnicodeEncodeError:
msg = msg
record = self.model(step=self.count,
req=self.req,
msg=msg,
states=states)
self.session.add(record)
self.session.commit()
self.session.close()
def send_web(self, msg, color):
pass
def display(self,
msg,
color=None,
stderr=False,
screen_only=False,
log_only=False,
runner=None):
self.count += 1
self.save(msg)
self.send_web(msg, color)
def run(self, extra_vars=None):
"""
run ansible playbook, only surport relational path.
Args:
extra_vars: playbook extra variables.
"""
task_results = []
stats = CustomAggregateStats(task_results)
callbacks.display = self.display
playbook_cb = CustomePlaybookCallbacks(verbose=utils.VERBOSITY,
task_results=task_results)
runner_cb = PlaybookRunnerCallbacks(stats=stats,
verbose=utils.VERBOSITY)
playbook_path = os.path.join(PLAYBOOK_DIR, self.playbook_path)
pb = PlayBook(playbook=playbook_path,
stats=stats,
callbacks=playbook_cb,
runner_callbacks=runner_cb,
inventory=self.inventory,
extra_vars=extra_vars,
module_path=C.DEFAULT_MODULE_PATH,
check=False)
self.results_raw = pb.run()
self.count += 1
self.save(self.results_raw)
return self.results_raw
