async def login_user(request, user: str, auth_context=None): """User/password authentication to get an access token. This method should be called to get an API token. This token will expire at some time. # noqa: E501 Parameters ---------- request : connexion.request user : str Name of the user who wants to be authenticated auth_context : dict, optional User's authorization context Returns ------- TokenResponseModel """ f_kwargs = {'auth_context': auth_context, 'user_id': user} dapi = DistributedAPI(f=preprocessor.get_permissions, f_kwargs=remove_nones_to_dict(f_kwargs), request_type='local_master', is_async=False, logger=logger) data = raise_if_exc(await dapi.distribute_function()) return web.json_response(data=TokenResponseModel( token=generate_token(user_id=user, rbac_policies=data.dikt)), status=200, dumps=dumps)
async def run_as_login(request, user: str, raw: bool = False) -> web.Response: """User/password authentication to get an access token. This method should be called to get an API token using an authorization context body. This token will expire at some time. # noqa: E501 Parameters ---------- request : connexion.request user : str Name of the user who wants to be authenticated. raw : bool, optional Respond in raw format. Default `False` Returns ------- web.Response Raw or JSON response with the generated access token. """ f_kwargs = {'user_id': user, 'auth_context': await request.json()} dapi = DistributedAPI(f=preprocessor.get_permissions, f_kwargs=remove_nones_to_dict(f_kwargs), request_type='local_master', is_async=False, logger=logger ) data = raise_if_exc(await dapi.distribute_function()) token = None try: token = generate_token(user_id=user, data=data.dikt, run_as=True) except WazuhException as e: raise_if_exc(e) return web.Response(text=token, content_type='text/plain', status=200) if raw \ else web.json_response(data=WazuhResult({'data': TokenResponseModel(token=token)}), status=200, dumps=dumps)
def test_generate_token(mock_raise_if_exc, mock_submit, mock_distribute_function, mock_dapi, mock_generate_keypair, mock_encode): """Verify if result is as expected""" class NewDatetime(datetime): def timestamp(self) -> float: return 0 mock_raise_if_exc.return_value = security_conf with patch('api.authentication.datetime', NewDatetime): result = authentication.generate_token('001', {'roles': [1]}) assert result == 'test_token', 'Result is not as expected' # Check all functions are called with expected params mock_dapi.assert_called_once_with(f=ANY, request_type='local_master', is_async=False, wait_for_complete=False, logger=ANY) mock_distribute_function.assert_called_once_with() mock_raise_if_exc.assert_called_once() mock_generate_keypair.assert_called_once() mock_encode.assert_called_once_with(original_payload, '-----BEGIN PRIVATE KEY-----', algorithm='ES512')
def test_generate_token(mock_raise_if_exc, mock_submit, mock_distribute_function, mock_dapi, mock_generate_secret, mock_encode, mock_time): """Verify if result is as expected""" mock_raise_if_exc.return_value = security_conf result = authentication.generate_token('001', {'roles': [1]}) assert result == 'test_token', 'Result is not as expected' # Check all functions are called with expected params mock_dapi.assert_called_once_with(f=ANY, request_type='local_master', is_async=False, wait_for_complete=True, logger=ANY) mock_distribute_function.assert_called_once_with() mock_raise_if_exc.assert_called_once() mock_generate_secret.assert_called_once() mock_encode.assert_called_once_with(original_payload, 'test_secret_token', algorithm='HS256')
async def login_user(request, user: str, raw=False): """User/password authentication to get an access token. This method should be called to get an API token. This token will expire at some time. # noqa: E501 Parameters ---------- request : connexion.request user : str Name of the user who wants to be authenticated raw : bool, optional Respond in raw format Returns ------- TokenResponseModel """ f_kwargs = {'user_id': user} try: # Add authorization context in case there is body in request f_kwargs['auth_context'] = await request.json() except JSONDecodeError: pass dapi = DistributedAPI(f=preprocessor.get_permissions, f_kwargs=remove_nones_to_dict(f_kwargs), request_type='local_master', is_async=False, logger=logger) data = raise_if_exc(await dapi.distribute_function()) token = None try: token = generate_token(user_id=user, data=data.dikt, run_as='auth_context' in f_kwargs.keys()) except WazuhException as e: raise_if_exc(e) if raw: return web.Response(text=token, content_type='text/plain', status=200) else: return web.json_response(data=WazuhResult( {'data': TokenResponseModel(token=token)}), status=200, dumps=dumps)
def create(self, request, format=None): serializer = RegisterSerializer(data=request.data) if not serializer.is_valid(): return Response( InvalidPost("Invalid or Incorrect data on the post request.", 1).display_invalid_exception()) [email, password] = [item for item in serializer.data.values()] # Checking if the email is already registered. if User.objects.filter(email=email): return Response( get_json_response("false", {}, { "code": 2, "message": "Invalid or Incorrect credentials. Email already registered." })) # Checking if the password is strong if not len(password) > 5: return Response( get_json_response("false", {}, { "code": 3, "message": "Invalid or Incorrect credentials. Weak credentials." })) [hashed_password, token_id ] = [generate_hash(password), generate_token(email, password)] User.objects.get_or_create(email=email, password=hashed_password, token_id=token_id) return Response( get_json_response("true", { "email": email, "token_id": token_id }, {}))