def _check_auth(self, req: Request): if self.auth_manager is None: return if req.get_auth() is None: self._respond_with_error(req, "NeAuthError", "The bridge only accepts requests based on privileges") raise AuthError() auth = req.get_auth() try: if isinstance(auth, CredentialsAuthContainer): self.auth_manager.authenticate(auth.username, auth.password) self.auth_manager.check_path_access_level_for_user(auth.username, req.get_path()) elif isinstance(auth, SerialAuthContainer): self.auth_manager.check_path_access_level(ApiAccessLevel.admin, req.get_path()) elif isinstance(auth, MqttAuthContainer): self.auth_manager.check_path_access_level(ApiAccessLevel.mqtt, req.get_path()) else: self._respond_with_error(req, "UnknownAuthError", "Unknown error occurred") raise AuthError() except AuthenticationFailedException: self._respond_with_error(req, "WrongAuthError", "illegal combination of username and password") raise AuthError() except UserDoesNotExistException: self._respond_with_error(req, "UserDoesntExistError", "User does not exist") raise AuthError() except InsufficientAccessPrivilegeException: self._respond_with_error(req, "AccessLevelError", "Insufficient privileges") raise AuthError() except UnknownUriException: self._handle_unknown(req) raise AuthError()
def _log_request(self, req: Request): short_json = json.dumps(req.get_payload()) if len(short_json) > 35: short_json = short_json[:35] + f"... + {len(short_json) - 35} bytes" auth_type = "No Auth" if req.get_auth() is None else req.get_auth().__class__.__name__[:-13] self._logger.info(f"Received request from '{req.get_sender()}' at '{req.get_path()}' " f"(Auth type: '{auth_type}'): {short_json}")