Esempio n. 1
0
def create_app(secret_key, token, tracker_manager, clients_manager, notifier_manager, settings_manager,
               engine_runner, log_manager):
    AuthMiddleware.init(secret_key, token, lambda: settings_manager.get_is_authentication_enabled())
    app = create_api()
    add_static_route(app, 'webapp')
    app.add_route('/api/login', Login(settings_manager))
    app.add_route('/api/logout', Logout())
    app.add_route('/api/topics', TopicCollection(tracker_manager))
    app.add_route('/api/topics/{id}', Topic(tracker_manager))
    app.add_route('/api/topics/{id}/reset_status', TopicResetStatus(tracker_manager))
    app.add_route('/api/topics/parse', TopicParse(tracker_manager))
    app.add_route('/api/trackers', TrackerCollection(tracker_manager))
    app.add_route('/api/trackers/{tracker}', Tracker(tracker_manager))
    app.add_route('/api/trackers/{tracker}/check', TrackerCheck(tracker_manager))
    app.add_route('/api/clients', ClientCollection(clients_manager))
    app.add_route('/api/clients/{client}', Client(clients_manager))
    app.add_route('/api/clients/{client}/check', ClientCheck(clients_manager))
    app.add_route('/api/clients/{client}/default', ClientDefault(clients_manager))
    app.add_route('/api/notifiers', NotifierCollection(notifier_manager))
    app.add_route('/api/notifiers/{notifier}', Notifier(notifier_manager))
    app.add_route('/api/notifiers/{notifier}/check', NotifierCheck(notifier_manager))
    app.add_route('/api/notifiers/{notifier}/enabled', NotifierEnabled(notifier_manager))
    app.add_route('/api/settings/authentication', SettingsAuthentication(settings_manager))
    app.add_route('/api/settings/password', SettingsPassword(settings_manager))
    app.add_route('/api/settings/developer', SettingsDeveloper(settings_manager))
    app.add_route('/api/settings/logs', SettingsLogs(settings_manager))
    app.add_route('/api/settings/execute', SettingsExecute(engine_runner))
    app.add_route('/api/execute/logs', ExecuteLogs(log_manager))
    app.add_route('/api/execute/logs/{execute_id}/details', ExecuteLogsDetails(log_manager))
    app.add_route('/api/execute/logs/current', ExecuteLogCurrent(log_manager))
    app.add_route('/api/execute/call', ExecuteCall(engine_runner))
    return app
Esempio n. 2
0
    def test_disabled_auth(self):
        self.api.add_route(self.test_route, ResourceMock())
        AuthMiddleware.init('secret!', 'monitorrent', is_auth_enabled)
        self.simulate_request(
            self.test_route,
            headers={'Cookie': 'jwt=random; HttpOnly; Path=/'})

        self.assertEqual(falcon.HTTP_OK, self.srmock.status)
Esempio n. 3
0
    def test_authenticate(self):
        resp = falcon.Response()
        AuthMiddleware.authenticate(resp)

        self.assertIsNotNone(resp._cookies)
        jwt = resp._cookies[AuthMiddleware.cookie_name]

        self.assertEqual(jwt.key, AuthMiddleware.cookie_name)
        self.assertEqual(jwt.value, self.auth_token_verified)
        self.assertEqual(jwt['path'], '/')
    def test_authenticate(self):
        resp = falcon.Response()
        AuthMiddleware.authenticate(resp)

        self.assertIsNotNone(resp._cookies)
        jwt = resp._cookies[AuthMiddleware.cookie_name]

        self.assertEqual(jwt.key, AuthMiddleware.cookie_name)
        self.assertEqual(jwt.value, self.auth_token_verified)
        self.assertEqual(jwt['path'], '/')
Esempio n. 5
0
 def setUpClass(cls):
     super(RestTestBase, cls).setUpClass()
     AuthMiddleware.init('secret!', 'monitorrent', None)
     cls.auth_token_verified = '.'.join([
         'eyJhbGciOiJIUzUxMiJ9', 'Im1vbml0b3JyZW50Ig',
         'So4ED3ZokC6EqLKSnN9DqJVU5b4bZ2pLO_uUyS4jayhhkVkO4Z7YYCRYsenP_kvJFteAgk_fGsYF6lsj0UCshA'
     ])
     cls.auth_token_tampared = '.'.join([
         'eyJhbGciOiJIUzUxMiJ9', 'Im1vbml0b3JyZW50Ic',
         'So4ED3ZokC6EqLKSnN9DqJVU5b4bZ2pLO_uUyS4jayhhkVkO4Z7YYCRYsenP_kvJFteAgk_fGsYF6lsj0UCshA'
     ])
Esempio n. 6
0
 def on_post(self, req, resp):
     """
     :type req: MonitorrentRequest
     :type resp: MonitorrentResponse
     """
     body = req.json
     if body is None or 'password' not in body:
         raise falcon.HTTPBadRequest('WrongPassword', 'password is not specified')
     password = body['password']
     if password != self.settings_manager.get_password():
         raise falcon.HTTPUnauthorized('WrongPassword', 'password is not correct', None)
     AuthMiddleware.authenticate(resp)
Esempio n. 7
0
 def on_post(self, req, resp):
     """
     :type req: MonitorrentRequest
     :type resp: MonitorrentResponse
     """
     body = req.json
     if body is None or 'password' not in body:
         raise falcon.HTTPBadRequest('WrongPassword',
                                     'password is not specified')
     password = body['password']
     if password != self.settings_manager.get_password():
         raise falcon.HTTPUnauthorized('WrongPassword',
                                       'password is not correct', None)
     AuthMiddleware.authenticate(resp)
Esempio n. 8
0
    def on_get(self, req, resp, filename=None):
        """
        :type req: falcon.Request
        :type resp: falcon.Response
        """
        if self.redirect_to_login and not AuthMiddleware.validate_auth(req):
            resp.status = falcon.HTTP_FOUND
            # noinspection PyUnresolvedReferences
            resp.location = '/login'
            return

        file_path = filename or self.filename
        if self.folder:
            file_path = os.path.join(self.folder, file_path)
        if not os.path.isfile(file_path):
            raise falcon.HTTPNotFound(description='Requested page not found')

        mime_type, encoding = mimetypes.guess_type(file_path)
        etag, last_modified = self._get_static_info(file_path)

        # noinspection PyUnresolvedReferences
        resp.content_type = mime_type or 'text/plain'

        headers = {
            'Date': formatdate(time.time(), usegmt=True),
            'ETag': etag,
            'Last-Modified': last_modified,
            'Cache-Control': 'max-age=86400'
        }
        resp.set_headers(headers)

        if_modified_since = req.get_header('if-modified-since', None)
        if if_modified_since and (parsedate(if_modified_since) >=
                                  parsedate(last_modified)):
            resp.status = falcon.HTTP_NOT_MODIFIED
            return

        if_none_match = req.get_header('if-none-match', None)
        if if_none_match and (if_none_match == '*' or etag in if_none_match):
            resp.status = falcon.HTTP_NOT_MODIFIED
            return

        resp.stream_len = os.path.getsize(file_path)
        resp.stream = open(file_path, mode='rb')
Esempio n. 9
0
    def on_get(self, req, resp, filename=None):
        """
        :type req: falcon.Request
        :type resp: falcon.Response
        """
        if self.redirect_to_login and not AuthMiddleware.validate_auth(req):
            resp.status = falcon.HTTP_FOUND
            # noinspection PyUnresolvedReferences
            resp.location = '/login'
            return

        file_path = filename or self.filename
        if self.folder:
            file_path = os.path.join(self.folder, file_path)
        if not os.path.isfile(file_path):
            raise falcon.HTTPNotFound(description='Requested page not found')

        mime_type, encoding = mimetypes.guess_type(file_path)
        etag, last_modified = self._get_static_info(file_path)

        # noinspection PyUnresolvedReferences
        resp.content_type = mime_type or 'text/plain'

        headers = {'Date': formatdate(time.time(), usegmt=True),
                   'ETag': etag,
                   'Last-Modified': last_modified,
                   'Cache-Control': 'max-age=86400'}
        resp.set_headers(headers)

        if_modified_since = req.get_header('if-modified-since', None)
        if if_modified_since and (parsedate(if_modified_since) >= parsedate(last_modified)):
            resp.status = falcon.HTTP_NOT_MODIFIED
            return

        if_none_match = req.get_header('if-none-match', None)
        if if_none_match and (if_none_match == '*' or etag in if_none_match):
            resp.status = falcon.HTTP_NOT_MODIFIED
            return

        resp.stream_len = os.path.getsize(file_path)
        resp.stream = open(file_path, mode='rb')
Esempio n. 10
0
 def setUpClass(cls):
     super(RestTestBase, cls).setUpClass()
     AuthMiddleware.init('secret!', 'monitorrent', None)
     cls.auth_token_verified = 'eyJhbGciOiJIUzI1NiJ9.Im1vbml0b3JyZW50Ig.95p-fZYKe6CjaUbf7-gw2JKXifsocYf0w52rj-U7vHw'
     cls.auth_token_tampared = 'eyJhbGciOiJIUzI1NiJ9.Im1vbml0b3JyZW5UIg.95p-fZYKe6CjaUbf7-gw2JKXifsocYf0w52rj-U7vHw'
Esempio n. 11
0
 def on_post(self, req, resp):
     AuthMiddleware.logout(resp)
     resp.status = falcon.HTTP_NO_CONTENT
Esempio n. 12
0
 def on_post(self, req, resp):
     AuthMiddleware.logout(resp)
     resp.status = falcon.HTTP_NO_CONTENT
Esempio n. 13
0
 def setUpClass(cls):
     super(RestTestBase, cls).setUpClass()
     AuthMiddleware.init('secret!', 'monitorrent', None)
     cls.auth_token_verified = 'eyJhbGciOiJIUzI1NiJ9.Im1vbml0b3JyZW50Ig.95p-fZYKe6CjaUbf7-gw2JKXifsocYf0w52rj-U7vHw'
     cls.auth_token_tampared = 'eyJhbGciOiJIUzI1NiJ9.Im1vbml0b3JyZW5UIg.95p-fZYKe6CjaUbf7-gw2JKXifsocYf0w52rj-U7vHw'
    def test_disabled_auth(self):
        self.api.add_route(self.test_route, TestResource())
        AuthMiddleware.init('secret!', 'monitorrent', is_auth_enabled)
        self.simulate_request(self.test_route, headers={'Cookie': 'jwt=random; HttpOnly; Path=/'})

        self.assertEqual(falcon.HTTP_OK, self.srmock.status)