def app_factory(global_config, **local_conf):
    """Build and return the Bottle application for this deployment.

    A copy of ``global_config`` is overlaid with ``local_conf`` (local keys
    win), stored as ``config._SETTINGS`` and passed through
    ``config.preprocess_settings()`` before the application is wired up.

    Args:
        global_config: Mapping of global settings; it is copied, not mutated.
        **local_conf: Per-application settings that override the global ones.

    Returns:
        The configured ``bottle.Bottle`` instance.
    """
    merged = global_config.copy()
    merged.update(local_conf)

    # Settings are published module-wide before anything else reads them.
    config._SETTINGS = merged
    config.preprocess_settings()

    app = bottle.Bottle()
    for configure in (configure_sx, configure_urls, configure_hooks):
        configure(app)

    # Return value is discarded; presumably this initialises the cache
    # up front -- confirm against get_cache().
    get_cache()
    return app
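def _credentials_match(stored, supplied):
    """Return True when both credentials are equal, comparing in constant time.

    A plain ``!=`` stops at the first differing character, so response
    timing can reveal how much of a guessed key is correct.
    ``hmac.compare_digest`` (Python 2.7.7+) does not short-circuit.
    """
    import hmac  # function-scope: the module's import block is not edited here

    try:
        left = stored if isinstance(stored, bytes) else stored.encode('utf-8')
        right = (supplied if isinstance(supplied, bytes)
                 else supplied.encode('utf-8'))
    except AttributeError:
        # A non-string credential (e.g. None) can never equal a header value.
        return False
    return hmac.compare_digest(left, right)


def get_auth(path=None):
    """Authenticate via ``x-auth-user``/``x-auth-key`` and open a session.

    On success a new session id is generated, the user record is stored in
    the cache under that id, and the id is handed back both as the ``sxsid``
    cookie and inside the ``x-storage-url`` response header (status 200).

    Args:
        path: Not used by this function.

    Raises:
        bottle.HTTPError: 400 when either header is missing; 401 when the
            user is unknown or the key does not match (same status for both,
            so the response code does not distinguish the two cases).
    """
    user = bottle.request.get_header('x-auth-user', None)
    key = bottle.request.get_header('x-auth-key', None)
    if user is None or key is None:
        raise bottle.HTTPError(400)

    users = get_users()
    if user not in users:
        logger.debug("Unknown user '%s'" % user)
        raise bottle.HTTPError(401)
    user = users[user]
    # Constant-time comparison instead of `!=` on the secret.
    # NOTE(review): 'pwd' is compared as-is against the header value, which
    # suggests it is stored unhashed -- confirm how get_users() stores it.
    if not _credentials_match(user['pwd'], key):
        logger.debug("Wrong key for user '%s'" % user['name'])
        raise bottle.HTTPError(401)

    settings = get_settings()
    name = user['name']
    # Session id: sha1(SECRET + name), then ':' and 128 random bytes in hex.
    # The os.urandom part is what makes the id unguessable.
    sxsid = hashlib.sha1(SECRET + name).hexdigest()
    sxsid += ':' + os.urandom(128).encode('hex')

    # NOTE(review): the cached JSON is the full user dict, 'pwd' included.
    # Confirm whether readers of this entry need the credential; if not,
    # it should be dropped before caching.
    cache = get_cache()
    cache.set(AUTH_CACHE_TEMPLATE % sxsid, json.dumps(user))

    # The session id is embedded in the storage URL, so it can end up in
    # access logs; treat those logs as sensitive.
    url = settings['this.storage_url'] + 'SXSID_' + sxsid
    ttl = settings['cache.expiration_time']
    exp = int(time.time()) + ttl
    # NOTE(review): the cookie is set without httponly/secure. Consider
    # passing them to set_cookie() once it is confirmed that no client
    # reads the cookie from script or over plain HTTP.
    bottle.response.set_cookie('sxsid', sxsid, max_age=ttl, expires=exp)
    bottle.response.set_header('x-storage-url', url)
    bottle.response.status = 200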
def _load_user_from_sxsid(self, sxsid, method):
    """Look up the cached user record for a session id.

    Args:
        sxsid: Session id; interpolated into ``AUTH_CACHE_TEMPLATE`` to form
            the cache key.
        method: Value recorded under ``meta['auth']`` on the returned record.

    Returns:
        The decoded user dict, with ``meta['auth']`` set to ``method`` and
        ``access`` replaced by its ``PRIVS_BY_NAME`` entry (``NO_PRIVS`` when
        the name is not in the table), or ``None`` when the cache holds
        nothing for this id.
    """
    # NOTE(review): sxsid goes into the cache key unchanged; presumably it is
    # client-supplied -- confirm its format is checked before this lookup.
    raw = get_cache().get(AUTH_CACHE_TEMPLATE % sxsid)
    if not raw:
        return None

    record = json.loads(raw)
    record.setdefault('meta', {})['auth'] = method
    # Unrecognised access names map to NO_PRIVS.
    record['access'] = PRIVS_BY_NAME.get(record['access'], NO_PRIVS)
    return record