def validate_user(request): # check if we are api user or session user if not request.user.is_authenticated: try: ta = TokenAuthentication() ta.authenticate(request) except AuthenticationFailed: raise PermissionDenied()
def registerDetail(request): tokenAuthentication = TokenAuthentication() try: user = tokenAuthentication.authenticate(request) except exceptions.AuthenticationFailed: response = HttpResponse(json.dumps({ 'error':'fail' })) response.status_code='400' else: decodejson = json.loads(request.body) babyname = decodejson['babyname'] birthday = None; if 'birthday' in decodejson.keys(): birthday = decodejson['birthday'] if birthday : birthday = birthday[0:10] babyGender = int(decodejson['babyGender']) parentGender = int(decodejson['parentGender']) borned = int(decodejson['borned']) userprofile = UserProfile.objects.get_or_create(user = user[0]) UserProfile.objects.filter(user = user[0]).update(babyName=babyname,babyGender=babyGender,parentGender=parentGender,borned=borned,birthday=birthday) response = HttpResponse(json.dumps({ 'msg':'success' })) response.status_code='200' return response
def create(self, request, *args, **kwargs): try: aa = TokenAuthentication() user_name, token = aa.authenticate(request) print(user_name, token) except Exception as e: print(e) result = {'return': 'fail', 'message': "auth fail."} return Response(result, status=403) if user_name != request.user: result = {'return': 'fail', 'message': "others token."} return Response(result, status=403) validated_data = dict() validated_data['name'] = request.data['name'] validated_data['jenkins_job'] = request.data['jenkins_job'] validated_data['git_url'] = request.data['git_url'] validated_data['script_url'] = request.data['script_url'] validated_data['manage_user'] = request.user try: App.objects.create(**validated_data) response_data = { 'result': 'success', 'message': u'新App服务应用插入数据库成功!' } return Response(response_data, status=status.HTTP_201_CREATED) except Exception as e: print(e, "$$$$$$$$$$$$$$$$$$") response_data = { 'result': 'failed', 'message': u'App服务应用不能正确插入数据库' } return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
def authenticate(self, request): """ Authenticate the request for anyone or if a valid token is provided, a user. """ try: return TokenAuthentication.authenticate(TokenAuthentication(), request) except: return AnonymousUser(), None
def _func(root, info, *args, **kwargs): authenticator = TokenAuthentication() user_auth_tuple = authenticator.authenticate(info.context) if user_auth_tuple is None: return None else: info.context.user = user_auth_tuple[0] return func(root, info, *args, **kwargs)
def get_or_create_person(request): user = request.user if user is None or user.is_anonymous: try: token_auth = TokenAuthentication() user, token = token_auth.authenticate(request) except: pass if user.is_anonymous: # Check if a session cookie exists uuid = request.get_signed_cookie('uuid', None) if uuid is not None: # get person from uuid person, created = Person.objects.get_or_create(uuid=uuid) if created: logger.info("Created new person, {0}".format(person)) else: # Create person and set uuid person = Person.objects.create() request.session['uuid'] = person.uuid else: try: person = Person.objects.get(user=user) except ObjectDoesNotExist: uuid = request.get_signed_cookie('uuid', None) if uuid is not None: person = Person.objects.get(uuid=uuid) if person.user is not None: if person.user is not user: # Another user has signed in # and this user needs a person! person = Person.objects.create(user=user) else: person.user = user else: person = Person.objects.create(user=user) first = '' if not user.first_name else user.first_name last = '' if not user.last_name else user.last_name if first == '' and last == '': full_name = user.username else: full_name = '{0} {1}'.format(first, last) if not person.full_name: person.full_name = full_name person.save() request.session['uuid'] = person.uuid if person: try: person.last_user_agent = request.META['HTTP_USER_AGENT'] person.save() except: pass return person
def tokenAuthentication(self, request): # default to session authentication if not request.user or not request.user.is_authenticated(): try: auth = TokenAuthentication() user, token = auth.authenticate(request) request.user = user except Exception, e: pass # ignore the attempt at authentication
def authenticate(self, request): """ Authenticate the request for anyone or if a valid token is provided, a user. """ try: return TokenAuthentication.authenticate(TokenAuthentication(), request) except Exception as e: logger.debug(e) return AnonymousUser(), None
def __call__(self, request): mfa_required = getattr(settings, 'MFA_REQUIRED', False) sso_mfa_required = getattr(settings, 'SSO_MFA_REQUIRED', False) admin_mfa_required = getattr(settings, 'ADMIN_MFA_REQUIRED', True) # Override MFA_REQUIRED setting for API Token authentication if mfa_required and 'Authorization' in request.headers \ and TokenAuthentication.keyword in request.headers['Authorization']: # Verify Token try: ta = TokenAuthentication() ta.authenticate(request) mfa_required = False except AuthenticationFailed: pass # Override MFA_REQUIRED setting for users logged in with SSO has_social_auth_attr = getattr(request.user, 'social_auth', None) is not None if mfa_required and not sso_mfa_required and has_social_auth_attr and request.user.social_auth.count( ) > 0: mfa_required = False # Override MFA_REQUIRED setting for staff users if mfa_required and not admin_mfa_required and request.user.is_staff: mfa_required = False if mfa_required and not has_mfa(request, request.user.username): if '/mfa' not in request.path \ and '/devices' not in request.path \ and '/oauth2' not in request.path \ and '/accounts' not in request.path \ and '/user' not in request.path \ and '/captcha' not in request.path \ and request.path != '/': messages.error( request, 'You must configure Multi Factor Authentication to continue.' ) return redirect('mfa_home') response = self.get_response(request) return response
def info(self, request, pk=None): auth = TokenAuthentication() if not auth.authenticate(request): raise exceptions.NotAuthenticated({'auth_token': "Auth error."}) current_customer = request.user if not current_customer.is_authenticated: raise exceptions.NotAuthenticated("Please provide auth token.") return Response(CustomerSerializer(current_customer).data, status=status.HTTP_200_OK)
def _get_user(self, request): user = get_user(request) if user.is_authenticated: return user token_authentication = TokenAuthentication() try: user, token = token_authentication.authenticate(request) except: pass return user
def get_user(request): token_authentication = TokenAuthentication() try: auth = token_authentication.authenticate(request) except APIException: return if auth is None: return return auth[0]
def get_token_user(request): user = get_user(request) if user.is_authenticated: return user token_authentication = TokenAuthentication() if get_authorization_header(request): try: user, _ = token_authentication.authenticate(request) except Exception: return user return user
def set_password(self, request, *args, **kwargs): password = request.data.get('password', None) if not password: raise exceptions.NotAcceptable( "New password field 'password' required") tAuth = TokenAuthentication() try: user, token = tAuth.authenticate(request) except: raise exceptions.NotAcceptable(detail="Unknown user or auth token") self.perform_set_password(user, password) return Response({})
def get_user(context): """Gets the user based on the Authorization header. Takes the Authorization header and extracts the token. Uses the token to identify which user is making the request. """ try: token_authentication = TokenAuthentication() # Will return None and raise TypeError if no auth header present user, token = token_authentication.authenticate(context) except TypeError: return None return user
def home(request): tokenAuthentication = TokenAuthentication() try: user = tokenAuthentication.authenticate(request) except exceptions.AuthenticationFailed: response = HttpResponse(json.dumps({ 'error':'fail' })) response.status_code='401' else: response = HttpResponse(json.dumps({ 'msg':user[0].username })) response.status_code='200' return response
def logout(request): tokenAuthentication = TokenAuthentication() try: user = tokenAuthentication.authenticate(request) except exceptions.AuthenticationFailed: response = HttpResponse(json.dumps({ 'error':'fail' })) response.status_code='400' else: token =Token.objects.get(user = user[0]) token.delete() response = HttpResponse(json.dumps({ 'msg':'success' })) response.status_code='200' return response
def __call__(self, request): token_auth_checker = TokenAuthentication() user = None try: auth = token_auth_checker.authenticate(request) if auth is None: token_key = request.COOKIES.get('authToken') if token_key is not None: auth = token_auth_checker.authenticate_credentials( token_key) if auth is not None: user = auth[0] except drf_exceptions.AuthenticationFailed: pass request.user = user or AnonymousUser() return self.get_response(request)
def dispatch(self, request: HttpRequest, *args, **kwargs): if request.user.is_authenticated: return super().dispatch(request, *args, **kwargs) authenticator = TokenAuthentication() try: auth_result = authenticator.authenticate(request) if not auth_result: return self.handle_no_permission() except exceptions.AuthenticationFailed as e: return HttpResponse(content=str(e), status=e.status_code) except PermissionDenied as e: return HttpResponseForbidden(content=str(e)) user, token = auth_result request.user = user request.auth = token return super().dispatch(request, *args, **kwargs)
def get_person(request): user = request.user if user is None or user.is_anonymous: try: token_auth = TokenAuthentication() user, token = token_auth.authenticate(request) except: pass if user.is_anonymous: # Check if a session cookie exists uuid = request.get_signed_cookie('uuid', None) if uuid is not None: # get person from uuid try: person = Person.objects.get(uuid=uuid) except ObjectDoesNotExist: return None else: return None else: try: person = Person.objects.get(user=user) except ObjectDoesNotExist: uuid = request.get_signed_cookie('uuid', None) if uuid is not None: person = Person.objects.get(uuid=uuid) person.user = user else: return None person.save() if person: try: person.last_user_agent = request.META['HTTP_USER_AGENT'] person.save() except: pass return person
def update(self, request, *args, **kwargs): try: aa = TokenAuthentication() user_name, token = aa.authenticate(request) print(user_name, token) except Exception as e: print(e) result = {'return': 'fail', 'message': "auth fail."} return Response(result, status=403) if user_name != request.user: result = {'return': 'fail', 'message': "others token."} return Response(result, status=403) validated_data = dict() validated_data['name'] = request.data['name'] validated_data['ip_address'] = request.data['ip_address'] validated_data['port'] = request.data['port'] validated_data['salt_name'] = request.data['salt_name'] validated_data['app_name'] = App.objects.get(name=request.data['app_name']) validated_data['env_name'] = Env.objects.get(name=request.data['env_name']) validated_data['app_user'] = request.data['app_user'] validated_data['op_user'] = request.user pk_id = kwargs["pk"] try: server_item = Server.objects.filter(pk=pk_id) server_item.update(**validated_data) mylog.debug("udpate server {} is {}. ".format(pk_id, validated_data)) response_data = { 'result': 'success', 'name': pk_id, 'create_user': request.user.username, 'message': u'更新服务器成功!' } return Response(response_data, status=status.HTTP_201_CREATED) except: response_data = { 'result': 'failed', 'message': u'更新服务器失败!' } return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
def deposit(self, request, pk=None): auth = TokenAuthentication() if not auth.authenticate(request): raise exceptions.NotAuthenticated({'auth_token': "Auth error."}) customer = request.user amount = request.data.get('amount') try: amount = float(amount) except ValueError: raise exceptions.ValidationError( {'amount': "This has to be a number."}) if float(amount) > 0.0: customer.balance += amount customer.save() else: raise exceptions.ValidationError( {'amount': "This value must be greater than 0."}) return Response({'balance': customer.balance}, status=status.HTTP_200_OK)
def wrapper(request, *args, **kwargs): AUTH_TYPE = getattr(settings, 'IOS_NOTIFICATIONS_AUTHENTICATION', None) if AUTH_TYPE is None or AUTH_TYPE not in VALID_AUTH_TYPES: raise InvalidAuthenticationType('IOS_NOTIFICATIONS_AUTHENTICATION must be specified in your settings.py file.\ Valid options are "AuthBasic", "AuthBasicIsStaff" or "AuthNone"') # Basic Authorization elif AUTH_TYPE == 'AuthBasic' or AUTH_TYPE == 'AuthBasicIsStaff': if 'HTTP_AUTHORIZATION' in request.META: auth_type, encoded_user_password = request.META['HTTP_AUTHORIZATION'].split(' ') try: userpass = encoded_user_password.decode('base64') except binascii.Error: return JSONResponse({'error': 'invalid base64 encoded header'}, status=401) try: username, password = userpass.split(':') except ValueError: return JSONResponse({'error': 'malformed Authorization header'}, status=401) user = authenticate(username=username, password=password) if user is not None: if AUTH_TYPE == 'AuthBasic' or user.is_staff: return func(request, *args, **kwargs) return JSONResponse({'error': 'authentication error'}, status=401) return JSONResponse({'error': 'Authorization header not set'}, status=401) elif AUTH_TYPE == 'rest_framework.authentication.TokenAuthentication': from rest_framework.authentication import TokenAuthentication from rest_framework.exceptions import AuthenticationFailed token = TokenAuthentication() try: auth = token.authenticate(request=request) if auth is None: return JSONResponse({'error': 'Authorization header not set'}, status=401) except AuthenticationFailed as e: return JSONResponse({'error': e.detail}, status=401) # AuthNone: No authorization. return func(request, *args, **kwargs)
def update(self, request, *args, **kwargs): try: aa = TokenAuthentication() user_name, token = aa.authenticate(request) print(user_name, token) except Exception as e: print(e) result = {'return': 'fail', 'message': "auth fail."} return Response(result, status=403) if user_name != request.user: result = {'return': 'fail', 'message': "others token."} return Response(result, status=403) validated_data = dict() validated_data['name'] = request.data['name'] validated_data['jenkins_job'] = request.data['jenkins_job'] validated_data['git_url'] = request.data['git_url'] validated_data['script_url'] = request.data['script_url'] validated_data['create_user'] = request.user pk_id = kwargs["pk"] try: app_item = App.objects.filter(pk=pk_id) app_item.update(**validated_data) response_data = { 'result': 'success', 'name': pk_id, 'create_user': request.user.username, 'message': u'更新App服务应用成功!' } return Response(response_data, status=status.HTTP_201_CREATED) except: response_data = { 'result': 'failed', 'message': u'更新App服务应用失败!' } return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
def create(self, request, *args, **kwargs): try: aa = TokenAuthentication() user_name, token = aa.authenticate(request) print(user_name, token) except Exception as e: print(e) result = {'return': 'fail', 'message': "auth fail."} return Response(result, status=403) if user_name != request.user: result = {'return': 'fail', 'message': "others token."} return Response(result, status=403) validated_data = dict() validated_data['name'] = request.data['name'] validated_data['ip_address'] = request.data['ip_address'] validated_data['port'] = request.data['port'] validated_data['salt_name'] = request.data['salt_name'] validated_data['app_name'] = App.objects.get(name=request.data['app_name']) validated_data['env_name'] = Env.objects.get(name=request.data['env_name']) validated_data['app_user'] = request.data['app_user'] validated_data['op_user'] = request.user try: Server.objects.create(**validated_data) mylog.debug("create server is {}. ".format(validated_data)) response_data = { 'result': 'success', 'message': u'新服务器插入数据库成功!' } return Response(response_data, status=status.HTTP_201_CREATED) except: response_data = { 'result': 'failed', 'message': u'不能正确插入数据库' } return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
class MessageDeliveryApp(web.Application): def __init__(self, default_host="", transforms=None, **settings): sockjs_path = settings.pop('sockjs_path', '/msg-listen') self.router = SockJSRouter(MessageNotifier, sockjs_path) self.router.__app__ = self super(MessageDeliveryApp, self).__init__(self.router.urls, default_host, transforms, **settings) self._registry = {} self._redis_client = None self.init_redis() self._authenticator = TokenAuthentication() self._log('initialized') @gen.coroutine def init_redis(self): self._redis_client = tornadoredis.Client( host=conf.MESSAGING_REDIS_HOST, port=conf.MESSAGING_REDIS_PORT, ) self._redis_client.connect() channel = conf.MESSAGING_REDIS_CHANNEL yield gen.Task(self._redis_client.subscribe, channel) self._redis_client.listen(self.on_redis_event) self._log('Redis client fully initialized') def on_redis_event(self, message): if message.kind != 'message': return info = json.loads(message.body) if info['type'] == 'message': self.deliver_message(info['data']) elif info['type'] == 'notification': self.deliver_notification(info['data']) def deliver_message(self, data): self._log('got message to deliver:', data) info = MessageInfo.from_dict(data) for conn in self.get_connections(info.receiver_ids, flat=True): conn.deliver_message(info) def deliver_notification(self, data): notification = Notification.objects.get(id=data['id']) notification_data = serialize_model(notification) self._log('got notification to deliver:', notification_data) # mapping "user -> delivery" delivery_by_users = dict( NotificationDelivery.objects.filter( notification=notification).values_list('receiver_id', 'id')) # select connections of all online users connection_by_users = self.get_connections(delivery_by_users.keys()) # perform sending to receivers for user_id, connections in connection_by_users.items(): for conn in connections: conn.deliver_notification(notification_data) def get_connections(self, user_ids, flat=False): if flat: return [ conn for user_id in user_ids for conn in self._registry.get(user_id, []) ] else: user_ids = set(user_ids) conns = { user_id: connections for user_id, connections in self._registry.items() if user_id in user_ids } return conns def register_connection(self, user, connection): conn_lst = self._registry.setdefault(user.id, []) if connection not in conn_lst: conn_lst.append(connection) self._log('registered connection for', user, '::', *map(id, conn_lst)) def unregister_connection(self, user, connection): conn_lst = self._registry.get(user.id) if conn_lst is not None: if connection in conn_lst: conn_lst.remove(connection) if len(conn_lst) == 0: del self._registry[user.id] self._log('connection', id(connection), 'for', user, 'is unregistered ::', *map(id, conn_lst)) def perform_authentication(self, token): django_request = _Dummy() django_request.META = {'HTTP_AUTHORIZATION': token or ''} try: auth_tuple = self._authenticator.authenticate(django_request) if auth_tuple is not None: return auth_tuple[0] except AuthenticationFailed: return None def _log(self, *message): message = ' '.join(map(str, message)) log.debug('{}:\n{}'.format(type(self).__name__, message))
def authenticate(request): authentication = TokenAuthentication() result = authentication.authenticate(request) if result is None: raise AuthenticationFailed("No token header provided.") request.user = result[0]
def get_user(request): token_authentication = TokenAuthentication() auth = token_authentication.authenticate(request) if auth is not None: return auth[0]