コード例 #1
0
ファイル: auth.py プロジェクト: zoe-mora-imdc/Ossim
def login():
    username = request.args.get('username')
    password = request.args.get('password')
    if username is None:
        return make_bad_request(
            API_i18n.error(i18nmsgs.MISSING_PARAMETER_USERNAME))
    if password is None:
        return make_bad_request(
            API_i18n.error(i18nmsgs.MISSING_PARAMETER_PASSWORD))
    if not is_valid_user(username):
        return make_bad_request(API_i18n.error(i18nmsgs.INVALID_USERNAME))

    if not is_valid_user_password(password):
        return make_bad_request(API_i18n.error(i18nmsgs.INVALID_PASSWORD))
    try:
        user = db.session.query(Users).filter_by(login=username).one()
    except NoResultFound:
        return make_error(
            API_i18n.error(i18nmsgs.INVALID_USERNAME_OR_PASSWORD), 401)
    except MultipleResultsFound:
        return make_error(API_i18n.error(i18nmsgs.TOO_MANY_USERNAMES_MATCHING),
                          500)
    except Exception, e:
        return make_error(
            API_i18n.error(i18nmsgs.TOO_MANY_USERNAMES_MATCHING,
                           {"exception": str(e)}), 500)
コード例 #2
0
ファイル: auth.py プロジェクト: jpalanco/alienvault-ossim
def login():
    username = request.args.get('username')
    password = request.args.get('password')
    if username is None:
        return make_bad_request(API_i18n.error(i18nmsgs.MISSING_PARAMETER_USERNAME))
    if password is None:
        return make_bad_request(API_i18n.error(i18nmsgs.MISSING_PARAMETER_PASSWORD))
    if not is_valid_user(username):
        return make_bad_request(API_i18n.error(i18nmsgs.INVALID_USERNAME))

    if not is_valid_user_password(password):
        return make_bad_request(API_i18n.error(i18nmsgs.INVALID_PASSWORD))
    try:
        user = db.session.query(Users).filter_by(login=username).one()
    except NoResultFound:
        return make_error(API_i18n.error(i18nmsgs.INVALID_USERNAME_OR_PASSWORD), 401)
    except MultipleResultsFound:
        return make_error(API_i18n.error(i18nmsgs.TOO_MANY_USERNAMES_MATCHING), 500)
    except Exception, e:
        return make_error(API_i18n.error(i18nmsgs.TOO_MANY_USERNAMES_MATCHING, {"exception": str(e)}), 500)
コード例 #3
0
ファイル: auth.py プロジェクト: vitty84/alienvault-ossim
            else:
                # check if the password is already md5
                password_md5_hex = password
                if check_md5_regex.match(password) is None:
                    password_md5 = hashlib.md5()
                    password_md5.update(password.encode('latin-1'))
                    password_md5_hex = password_md5.hexdigest()
                if password_md5_hex.lower() == user.av_pass.lower():
                    login_valid = 1

        if login_valid == 1:
            login_user(user)
            identity_changed.send(app, identity=Identity(user.login))
            return make_ok()

    return make_error(API_i18n.error(i18nmsgs.INVALID_USERNAME_OR_PASSWORD), 401)


# WARNING:
# The decorator order is strictly like this.
# First, the route, then the login constraint.
@blueprint.route('/logout', methods=['GET'])
@logged_permission.require(http_exception=401)
def logout():
    logout_user()
    identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
    return make_ok()


@login_manager.user_loader
def load_user(username):
コード例 #4
0
ファイル: auth.py プロジェクト: jpalanco/alienvault-ossim
                if check_md5_regex.match(password) is None:
                    password_md5 = hashlib.md5()
                    password_md5.update(password.encode('latin-1'))
                    password_md5_hex = password_md5.hexdigest()
                if password_md5_hex.lower() == user.av_pass.lower():
                    login_valid = 1

        if login_valid == 1:
            login_user(user)
            identity_changed.send(app, identity=Identity(user.login))
            if not (current_user.is_admin == 1 or current_user.login == 'admin'):
                success = populate_user_permissions_table(user.login)
                app.logger.warning("user_perm table for the user %s has been populated successfully? %s" % (user.login, success))
            return make_ok()

    return make_error(API_i18n.error(i18nmsgs.INVALID_USERNAME_OR_PASSWORD), 401)


# WARNING:
# The decorator order is strictly like this.
# First, the route, then the login constraint.
@blueprint.route('/logout', methods=['GET'])
@logged_permission.require(http_exception=401)
def logout():
    logout_user()
    identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
    return make_ok()


@login_manager.user_loader
def load_user(username):