def check_authorization():
if 'remote_oauth' in session and 'client_id' in session:
# resp = app.remote_oauth.get('me')
bidder_data = get_bidder_id(app, session)
if bidder_data:
grant_timeout = iso8601.parse_date(
bidder_data[u'expires']) - datetime.now(tzlocal())
if grant_timeout > INVALIDATE_GRANT:
app.logger.info(
"Bidder {} with client_id {} pass check_authorization".
format(
bidder_data['bidder_id'],
session['client_id'],
),
extra=prepare_extra_journal_fields(request.headers))
return jsonify({'status': 'ok'})
else:
app.logger.info(
"Grant will end in a short time. Activate re-login functionality",
extra=prepare_extra_journal_fields(request.headers))
else:
app.logger.warning(
"Client_id {} didn't passed check_authorization".format(
session['client_id']),
extra=prepare_extra_journal_fields(request.headers))
abort(401)
def authorized():
if not ('error' in request.args
and request.args['error'] == 'access_denied'):
resp = app.remote_oauth.authorized_response()
if resp is None or hasattr(resp, 'data'):
app.logger.info("Error Response from Oauth: {}".format(resp))
return abort(403, 'Access denied')
app.logger.info("Get response from Oauth: {}".format(repr(resp)))
session['remote_oauth'] = (resp['access_token'], '')
session['client_id'] = os.urandom(16).encode('hex')
bidder_data = get_bidder_id(app, session)
app.logger.info("Bidder {} with client_id {} authorized".format(
bidder_data['bidder_id'],
session['client_id'],
),
extra=prepare_extra_journal_fields(request.headers))
app.logger.debug("Session: {}".format(repr(session)))
response = redirect(
urljoin(request.headers['X-Forwarded-Path'], '.').rstrip('/'))
response.set_cookie('auctions_loggedin',
'1',
path=app.config['SESSION_COOKIE_PATH'],
secure=False,
httponly=False,
max_age=36000)
return response
def post_bid():
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(app, session)
if bidder_data and bidder_data['bidder_id'] == request.json[
'bidder_id']:
return jsonify(app.form_handler())
else:
app.logger.warning(
"Client with client id: {} and bidder_id {} wants post bid but response status from Oauth"
.format(session.get('client_id', 'None'),
request.json.get('bidder_id', 'None')))
abort(401)
def logout():
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(app, session)
if bidder_data:
remove_client(bidder_data['bidder_id'], session['client_id'])
send_event(
bidder_data['bidder_id'],
app.auction_bidders[bidder_data['bidder_id']]["clients"],
"ClientsList")
session.clear()
return redirect(
urljoin(request.headers['X-Forwarded-Path'], '.').rstrip('/'))
def post_bid():
auction = app.config['auction']
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(app, session)
if bidder_data and bidder_data['bidder_id'] == request.json[
'bidder_id']:
with auction.bids_actions:
form = BidsForm.from_json(request.json)
form.auction = auction
form.document = auction.db.get(auction.auction_doc_id)
current_time = datetime.now(timezone('Europe/Kiev'))
if form.validate():
# write data
auction.add_bid(
form.document['current_stage'], {
'amount': form.data['bid'],
'bidder_id': form.data['bidder_id'],
'time': current_time.isoformat()
})
if form.data['bid'] == -1.0:
app.logger.info(
"Bidder {} with client_id {} canceled bids in stage {} in {}"
.format(form.data['bidder_id'],
session['client_id'],
form.document['current_stage'],
current_time.isoformat()),
extra=prepare_extra_journal_fields(
request.headers))
else:
app.logger.info(
"Bidder {} with client_id {} placed bid {} in {}".
format(form.data['bidder_id'],
session['client_id'], form.data['bid'],
current_time.isoformat()),
extra=prepare_extra_journal_fields(
request.headers))
response = {'status': 'ok', 'data': form.data}
else:
response = {'status': 'failed', 'errors': form.errors}
app.logger.info(
"Bidder {} with client_id {} wants place bid {} in {} with errors {}"
.format(request.json.get('bidder_id', 'None'),
session['client_id'],
request.json.get('bid', 'None'),
current_time.isoformat(), repr(form.errors)),
extra=prepare_extra_journal_fields(request.headers))
return jsonify(response)
else:
app.logger.warning(
"Client with client id: {} and bidder_id {} wants post bid but response status from Oauth"
.format(session.get('client_id', 'None'),
request.json.get('bidder_id', 'None')))
abort(401)
def kickclient():
if 'remote_oauth' in session and 'client_id' in session:
with app.context['server_actions']:
data = request.json
bidder_data = get_bidder_id(app, session)
if bidder_data:
data['bidder_id'] = bidder_data['bidder_id']
if 'client_id' in data:
send_event_to_client(data['bidder_id'], data['client_id'],
{"from": session['client_id']},
"KickClient")
return jsonify({"status": "ok"})
abort(401)
def logout():
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(app, session)
if bidder_data:
remove_client(bidder_data['bidder_id'], session['client_id'])
send_event(
bidder_data['bidder_id'],
app.auction_bidders[bidder_data['bidder_id']]["clients"],
"ClientsList"
)
session.clear()
return redirect(
urljoin(request.headers['X-Forwarded-Path'], '.').rstrip('/')
)
def kickclient():
if 'remote_oauth' in session and 'client_id' in session:
auction = app.config['auction']
with auction.bids_actions:
data = request.json
bidder_data = get_bidder_id(app, session)
if bidder_data:
data['bidder_id'] = bidder_data['bidder_id']
if 'client_id' in data:
send_event_to_client(
data['bidder_id'], data['client_id'], {
"from": session['client_id']
}, "KickClient"
)
return jsonify({"status": "ok"})
abort(401)
def check_authorization():
if 'remote_oauth' in session and 'client_id' in session:
# resp = app.remote_oauth.get('me')
bidder_data = get_bidder_id(app, session)
if bidder_data:
grant_timeout = iso8601.parse_date(bidder_data[u'expires']) - datetime.now(tzlocal())
if grant_timeout > INVALIDATE_GRANT:
app.logger.info("Bidder {} with client_id {} pass check_authorization".format(
bidder_data['bidder_id'], session['client_id'],
), extra=prepare_extra_journal_fields(request.headers))
return jsonify({'status': 'ok'})
else:
app.logger.info(
"Grant will end in a short time. Activate re-login functionality",
extra=prepare_extra_journal_fields(request.headers)
)
else:
app.logger.warning("Client_id {} didn't passed check_authorization".format(session['client_id']),
extra=prepare_extra_journal_fields(request.headers))
abort(401)
def set_sse_timeout():
current_app.logger.info(
'Handle set_sse_timeout request with session {}'.format(repr(dict(session))),
extra=prepare_extra_journal_fields(request.headers)
)
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(current_app, session)
if bidder_data:
current_app.logger.info("Bidder {} with client_id {} set sse_timeout".format(
bidder_data['bidder_id'], session['client_id'],
), extra=prepare_extra_journal_fields(request.headers))
bidder = bidder_data['bidder_id']
if 'timeout' in request.json:
session["sse_timeout"] = int(request.json['timeout'])
send_event_to_client(
bidder, session['client_id'], '',
event='StopSSE'
)
return jsonify({'timeout': session["sse_timeout"]})
return abort(401)
def post_bid():
auction = app.config['auction']
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(app, session)
if bidder_data and bidder_data['bidder_id'] == request.json['bidder_id']:
with auction.bids_actions:
form = BidsForm.from_json(request.json)
form.auction = auction
form.document = auction.db.get(auction.auction_doc_id)
current_time = datetime.now(timezone('Europe/Kiev'))
if form.validate():
# write data
auction.add_bid(form.document['current_stage'],
{'amount': form.data['bid'],
'bidder_id': form.data['bidder_id'],
'time': current_time.isoformat()})
if form.data['bid'] == -1.0:
app.logger.info("Bidder {} with client_id {} canceled bids in stage {} in {}".format(
form.data['bidder_id'], session['client_id'],
form.document['current_stage'], current_time.isoformat()
), extra=prepare_extra_journal_fields(request.headers))
else:
app.logger.info("Bidder {} with client_id {} placed bid {} in {}".format(
form.data['bidder_id'], session['client_id'],
form.data['bid'], current_time.isoformat()
), extra=prepare_extra_journal_fields(request.headers))
response = {'status': 'ok', 'data': form.data}
else:
response = {'status': 'failed', 'errors': form.errors}
app.logger.info("Bidder {} with client_id {} wants place bid {} in {} with errors {}".format(
request.json.get('bidder_id', 'None'), session['client_id'],
request.json.get('bid', 'None'), current_time.isoformat(),
repr(form.errors)
), extra=prepare_extra_journal_fields(request.headers))
return jsonify(response)
else:
app.logger.warning("Client with client id: {} and bidder_id {} wants post bid but response status from Oauth".format(
session.get('client_id', 'None'), request.json.get('bidder_id', 'None')
))
abort(401)
def set_sse_timeout():
current_app.logger.info(
'Handle set_sse_timeout request with session {}'.format(
repr(dict(session))),
extra=prepare_extra_journal_fields(request.headers))
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(current_app, session)
if bidder_data:
current_app.logger.info(
"Bidder {} with client_id {} set sse_timeout".format(
bidder_data['bidder_id'],
session['client_id'],
),
extra=prepare_extra_journal_fields(request.headers))
bidder = bidder_data['bidder_id']
if 'timeout' in request.json:
session["sse_timeout"] = int(request.json['timeout'])
send_event_to_client(bidder,
session['client_id'],
'',
event='StopSSE')
return jsonify({'timeout': session["sse_timeout"]})
return abort(401)
def authorized():
if not('error' in request.args and request.args['error'] == 'access_denied'):
resp = app.remote_oauth.authorized_response()
if resp is None or hasattr(resp, 'data'):
app.logger.info("Error Response from Oauth: {}".format(resp))
return abort(403, 'Access denied')
app.logger.info("Get response from Oauth: {}".format(repr(resp)))
session['remote_oauth'] = (resp['access_token'], '')
session['client_id'] = os.urandom(16).encode('hex')
bidder_data = get_bidder_id(app, session)
app.logger.info("Bidder {} with client_id {} authorized".format(
bidder_data['bidder_id'], session['client_id'],
), extra=prepare_extra_journal_fields(request.headers))
app.logger.debug("Session: {}".format(repr(session)))
response = redirect(
urljoin(request.headers['X-Forwarded-Path'], '.').rstrip('/')
)
response.set_cookie('auctions_loggedin', '1',
path=app.config['SESSION_COOKIE_PATH'],
secure=False, httponly=False, max_age=36000
)
return response
def event_source():
current_app.logger.debug(
'Handle event_source request with session {}'.format(
repr(dict(session))),
extra=prepare_extra_journal_fields(request.headers))
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(current_app, session)
if bidder_data:
valid_bidder = False
client_hash = session['client_id']
bidder = bidder_data['bidder_id']
for bidder_info in current_app.config['auction'].bidders_data:
if bidder_info['id'] == bidder:
valid_bidder = True
break
if current_app.config['auction'].auction_document.get(
'current_phase',
'') in ['dutch', 'pre-started', 'pre-sealedbid']:
valid_bidder = True
if valid_bidder:
if bidder not in current_app.auction_bidders:
current_app.auction_bidders[bidder] = {
"clients": {},
"channels": {}
}
if client_hash not in current_app.auction_bidders[bidder]:
real_ip = request.environ.get('HTTP_X_REAL_IP', '')
if real_ip.startswith('172.'):
real_ip = ''
current_app.auction_bidders[bidder]["clients"][
client_hash] = {
'ip':
','.join([
request.headers.get('X-Forwarded-For', ''),
real_ip
]),
'User-Agent':
request.headers.get('User-Agent'),
}
current_app.auction_bidders[bidder]["channels"][
client_hash] = Queue()
current_app.logger.info(
'Send identification for bidder: {} with client_hash {}'.
format(bidder, client_hash),
extra=prepare_extra_journal_fields(request.headers))
identification_data = {
"bidder_id": bidder,
"client_id": client_hash,
"return_url": session.get('return_url', '')
}
if current_app.config['auction'].features:
identification_data["coeficient"] = str(
current_app.config['auction'].
bidders_coeficient[bidder])
send_event_to_client(bidder, client_hash, identification_data,
"Identification")
if 'amount' in session:
send_event_to_client(bidder, client_hash,
{"last_amount": session['amount']},
"RestoreBidAmount")
current_app.logger.debug('Send RestoreBidAmount')
del session['amount']
if not session.get("sse_timeout", 0):
current_app.logger.debug('Send ClientsList')
send_event(bidder,
current_app.auction_bidders[bidder]["clients"],
"ClientsList")
response = Response(
SseStream(current_app.auction_bidders[bidder]["channels"]
[client_hash],
bidder_id=bidder,
client_id=client_hash,
timeout=session.get("sse_timeout", 0)),
direct_passthrough=True,
mimetype='text/event-stream',
content_type='text/event-stream')
response.headers['Cache-Control'] = 'no-cache'
response.headers['X-Accel-Buffering'] = 'no'
return response
else:
current_app.logger.info(
'Not valid bidder: bidder_id {} with client_hash {}'.
format(bidder, client_hash),
extra=prepare_extra_journal_fields(request.headers))
current_app.logger.debug('Disable event_source for unauthorized user.',
extra=prepare_extra_journal_fields(
request.headers))
events_close = PySse()
events_close.add_message("Close", "Disable")
response = Response(iter(
[bytearray(''.join([x for x in events_close]), 'UTF-8')]),
direct_passthrough=True,
mimetype='text/event-stream',
content_type='text/event-stream')
response.headers['Cache-Control'] = 'no-cache'
response.headers['X-Accel-Buffering'] = 'no'
return response
def event_source():
current_app.logger.debug(
'Handle event_source request with session {}'.format(repr(dict(session))),
extra=prepare_extra_journal_fields(request.headers)
)
if 'remote_oauth' in session and 'client_id' in session:
bidder_data = get_bidder_id(current_app, session)
if bidder_data:
valid_bidder = False
client_hash = session['client_id']
bidder = bidder_data['bidder_id']
for bidder_info in current_app.config['auction'].bidders_data:
if bidder_info['id'] == bidder:
valid_bidder = True
break
if valid_bidder:
if bidder not in current_app.auction_bidders:
current_app.auction_bidders[bidder] = {
"clients": {},
"channels": {}
}
if client_hash not in current_app.auction_bidders[bidder]:
real_ip = request.environ.get('HTTP_X_REAL_IP', '')
if real_ip.startswith('172.'):
real_ip = ''
current_app.auction_bidders[bidder]["clients"][client_hash] = {
'ip': ','.join(
[request.headers.get('X-Forwarded-For', ''), real_ip]
),
'User-Agent': request.headers.get('User-Agent'),
}
current_app.auction_bidders[bidder]["channels"][client_hash] = Queue()
current_app.logger.info(
'Send identification for bidder: {} with client_hash {}'.format(bidder, client_hash),
extra=prepare_extra_journal_fields(request.headers)
)
identification_data = {"bidder_id": bidder,
"client_id": client_hash,
"return_url": session.get('return_url', '')}
if current_app.config['auction'].features:
identification_data["coeficient"] = str(current_app.config['auction'].bidders_coeficient[bidder])
send_event_to_client(bidder, client_hash, identification_data,
"Identification")
if 'amount' in session:
send_event_to_client(bidder, client_hash,
{"last_amount": session['amount']},
"RestoreBidAmount")
current_app.logger.debug('Send RestoreBidAmount')
del session['amount']
if not session.get("sse_timeout", 0):
current_app.logger.debug('Send ClientsList')
send_event(
bidder,
current_app.auction_bidders[bidder]["clients"],
"ClientsList"
)
response = Response(
SseStream(
current_app.auction_bidders[bidder]["channels"][client_hash],
bidder_id=bidder,
client_id=client_hash,
timeout=session.get("sse_timeout", 0)
),
direct_passthrough=True,
mimetype='text/event-stream',
content_type='text/event-stream'
)
response.headers['Cache-Control'] = 'no-cache'
response.headers['X-Accel-Buffering'] = 'no'
return response
else:
current_app.logger.info(
'Not valid bidder: bidder_id {} with client_hash {}'.format(bidder, client_hash),
extra=prepare_extra_journal_fields(request.headers)
)
current_app.logger.debug(
'Disable event_source for unauthorized user.',
extra=prepare_extra_journal_fields(request.headers)
)
events_close = PySse()
events_close.add_message("Close", "Disable")
response = Response(
iter([bytearray(''.join([x for x in events_close]), 'UTF-8')]),
direct_passthrough=True,
mimetype='text/event-stream',
content_type='text/event-stream'
)
response.headers['Cache-Control'] = 'no-cache'
response.headers['X-Accel-Buffering'] = 'no'
return response
