async def unregister(self, request):
if request.id != None:
if str(request.id) in userdb:
del userdb[str(request.id)]
return web.json_response({"unregistered": True})
else:
raise errors.Unauthorized("Not registered")
else:
raise errors.Unauthorized("A valid token is required")
async def fetch_activity(self, request):
if request.id == None:
raise errors.Unauthorized("A valid token is required")
activity_id = int(request.rel_url.query["itemid"])
if activity_id >= len(self.activities_df):
raise errors.UserError("this id is too big")
with open(get_path("../../interactions.csv"), "a") as output_csv:
writer = csv.writer(output_csv)
writer.writerow([request.id, activity_id, 1, int(time.time())])
output = self.activities_df.iloc[activity_id].to_json()
return web.Response(text=output)
def validate_session(self, session_token):
""" Validates the session, raises an exception if either the
session token does not exists or has expired.
Upon successful validation, returns the username connected with
the session.
"""
# Check if session exists
session = self.backend.get_session(session_token)
if not session:
raise errors.Unauthorized()
# Check expiry
now = datetime.utcnow()
session_duration = (now - session.create_time).total_seconds()
if session_duration > self.session_expiry_time_seconds:
raise errors.SessionExpired()
return session.username
async def suggestion(self, request):
if request.id == None or request.id not in userdb:
raise errors.Unauthorized("A valid token is required")
activities = userdb[request.id]["activities"]
best_choice, best_proba = -1, -1
for item_id, proba in predict(request.id):
if not self.activities_df.iloc[item_id]["type"] in activities:
continue
if proba > best_proba:
best_choice, best_proba = item_id, proba
activity = self.activities_df.iloc[best_choice]
return web.json_response({
"user": userdb[request.id]["name"],
"name": activity["description"],
"desc": activity["full_description"],
"url": activity["url"],
"hours": userdb[request.id]["hours"],
})
def wrapper(*args, **kwargs):
if require_auth:
session_token = None
auth_header = request.get_header('Authorization')
if auth_header:
# Header format 'Authorization: Session-token mytoken'
session_token = auth_header.split(' ', 1)[1]
else:
# Params format '?session_token=mytoken'
session_token = request.query.get('session_token')
if not session_token:
raise errors.Unauthorized()
# Raises an exception if the session is not valid
# Else get the username connected with the session.
username = self.controller.validate_session(session_token)
return handler(username, *args, **kwargs)
return handler(*args, **kwargs)
def authenticate(self, username, password):
""" Authenticates the user and upon successful authentication creates
a new session and returns the session token.
Authentication is done by verifying the password with it's hash.
"""
# Authenticate
user = self.backend.get_user(username)
if not user:
raise errors.Unauthorized()
is_success = sha256_crypt.verify(password, user.hashed_password)
session_token = utils.generate_uuid() if is_success else None
# Record the login attempt
self.backend.insert_login_attempt(username, session_token)
if not is_success:
raise errors.InvalidLogin()
# Create the session on successful login
self.backend.create_session(session_token, username)
return session_token
async def logout(self, request):
if request.id != None:
self.EXPIRED_TOKENS.add(request.headers.get("Authorization", None))
return web.json_response({"disconnected": True})
else:
raise errors.Unauthorized("A valid token is required")