def logout(self, request): try: Token.delete(request.user.auth_token) except Exception: pass return Response(status=status.HTTP_200_OK)
def post(self, request): user_data = request.data if 'token' in user_data: Token.delete(user_data.get('token')) return Response({"message": "signed out"}, status.HTTP_200_OK) else: raise ValidationError('No token provided')
def get(self, request): try: token = Token.objects.get(user=request.user) # expire the token. Token.delete(token) return Response({'Message': 'Logout succeed.'}, status=200) except: return Response({'error': 'Logout error.'}, status=400)
def _authenicate(self, user, json): try: token = Token.objects.get(user=user) Token.delete(token) except Token.DoesNotExist: pass token = Token.objects.create(user=user) json['token'] = token.key return json
def __call__(self, request): # Code to be executed for each request before # the view (and later middleware) are called. response = self.get_response(request) if request.auth is not None: tf = datetime.datetime.now() - request.auth.created.replace(tzinfo=None) time_difference_in_minutes = tf.total_seconds() / 60 try: lifespan = settings.EXPIRING_TOKEN_LIFESPAN except AttributeError: lifespan = 30 # The token has 30 minutes to be in use if time_difference_in_minutes > lifespan: Token.delete(request.auth) return JsonResponse(data={"detail":"Token has expired"}, status=401, safe=False) # Code to be executed for each request/response after # the view is called. return response
def logout(request): token = TokenModel(request.auth) token.delete() return Response(status=status.HTTP_200_OK)
def authenticate(self, request): # If the token is attached to the request, verify the inbuilt way auth_header = get_authorization_header(request).split() if auth_header and auth_header[0].lower() == self.keyword.lower().encode(): return super(GenePatternAuthentication, self).authenticate(request) # Otherwise, assume username & password authentication through GenePattern # Get the username from the post if 'username' in request.POST: username = request.POST['username'] else: username = None # Return failure if username cannot be found if username is None: return None #raise exceptions.AuthenticationFailed("username not passed as POST parameter") # If in development mode, assume authentication is good if settings.DEBUG is True: try: user_model = User.objects.get(username=username) except User.DoesNotExist: user_model = User(username=username) user_model.save() try: token_model = Token.objects.get(user=user_model) except Token.DoesNotExist: token_model = Token(user=user_model, key=username) token_model.save() return (user_model, token_model.key) # Get the authentication file written by the JupyterHub authenticator, fail if file not found auth_file = settings.BASE_AUTH_PATH + '/' + username.lower() + '.json' if not os.path.isfile(auth_file): raise exceptions.AuthenticationFailed("authentication file not found") # Read the authentication file try: auth_raw = open(auth_file, 'r').read() except OSError: raise exceptions.AuthenticationFailed("error reading authentication file") try: auth_data = json.loads(auth_raw) except ValueError: raise exceptions.AuthenticationFailed("authentication file not in correct format") # Compare timestamp and return a failure if too old or bad now = datetime.datetime.now() try: auth_time = datetime.datetime.fromtimestamp(auth_data['timestamp']) except ValueError: raise exceptions.AuthenticationFailed("unable to read timestamp in authentication file") if now > auth_time + datetime.timedelta(weeks=1): raise exceptions.AuthenticationFailed("authentication file expired") # Return a failure if username in file doesn't match username in request if auth_data['username'].lower() != username: raise exceptions.AuthenticationFailed("authentication username mismatch") # Make a call to the GenePattern API token = auth_data['token'] auth_endpoint = settings.BASE_GENEPATTERN_URL + '/rest/v1/config/user' try: response = requests.get(auth_endpoint, headers={"Authorization": "Bearer " + token}) except ConnectionError: raise exceptions.AuthenticationFailed("unable to connect to GenePattern server") # Return a failure if the call results in an error if response.status_code != 200: raise exceptions.AuthenticationFailed("error response from GenePattern: " + response.status_code) # Return a failure if the username GenePattern returns doesn't match the requested one try: response_object = response.json() except ValueError: raise exceptions.AuthenticationFailed("error parsing response") if response_object['result'].lower() != username: raise exceptions.AuthenticationFailed("username does not match GenePattern response") # Get the user object, lazily create one if it doesn't exist try: user_model = User.objects.get(username=username) except User.DoesNotExist: user_model = User(username=username) user_model.save() # Set the token the same as the GenePattern token try: token_model = Token.objects.get(user=user_model) token_model.delete() except: # Ignore pass try: token_model = Token(user=user_model, key=token) token_model.save() except BaseException as e: raise exceptions.AuthenticationFailed(e) # Return the user object and token.key return (user_model, token)
def logout(request): Token.delete(request.auth) return Response({'message': 'Logged Out successfully'}, status=HTTP_200_OK)
def Logout(self, userData): token = Token(key=userData.auth_token.key) token.delete() return JsonResponse({'status': 'OK'}, status=200)