def switch_project_with_token(request): token = request.session.get("passToken") if request.method == 'POST': data = json.loads(request.POST.get("data")) project_name = data.get("project_name") domain_name = request.session.get("domain_name") auth_url = request.session.get("auth_url") try: keystone = KeystoneRestAPI(auth_url, token) except Unauthorized as e: request.session["error"] = { "title": e.message, "message": e.details } return JsonResponse({ "error": { "title": e.message, "message": e.details, "code": 401 } }) # result = keystone.get_token_with_scoped_by_token(project_id=project_id) result = keystone.get_token_with_scoped_by_token( domain_name=domain_name, project_name=project_name) if result.get("success"): # request.session.set_expiry(SESSION_COOKIE_AGE) token = result['success']['token'] request.session["passToken"] = token request.session["project_name"] = project_name roles = result["success"].get("roles") if roles: roles_str = ','.join(role.get("name") for role in roles) else: roles_str = "" user = result["success"].get("user") project = result["success"].get("project") request.session["user_id"] = user.get("id") request.session["user_name"] = user.get("name") request.session["project_id"] = project.get("id") request.session["roles"] = roles_str ctrl_engine = ControlEngine(token=token, project_id=project.get("id"), project_name=project_name, user_id=user.get("id"), user_name=user.get("name"), roles=roles_str, auth_url=auth_url) request.session["ctrl_header"] = ctrl_engine.get_header() return JsonResponse(result)
def login_soa(request): data = None try: data = json.loads(request.POST.get("data")) except ValueError as e: result = { "error": { "title": e.message, "message": "json malformed error" } } else: auth_url = data.get("auth_url") user_name = data.get("user_name") password = data.get("pass") project_name = data.get("project_name") soac_conn = SOAControlDBConnector.getInstance() if auth_url == request.session.get("auth_url"): domain_name = request.session.get("domain_name") else: domain = soac_conn.select_one(SELECT_SOAC_DOMAINS, auth_url) domain_name = domain.get("domain_name") token = None roles = None roles_str = None project_id = None user_id = None keystone = None # =================================Scope Login================================== result = KeystoneRestAPI.get_token(auth_url, user_name, password, domain_name, project_name) # if type(result) == str: # result = ast.literal_eval(result) # str 타입을 dictionary 타입으로 바꿈 if result.get('success'): user = result["success"].get("user") domain_id = user["domain"].get("id") if not roles: roles = result["success"].get("roles") request.session["domain_id"] = domain_id token = result['success']['token'] user_id = user.get("id") if keystone is None: keystone = KeystoneRestAPI(auth_url, token) keystone.update_token(token) roles_str = ','.join(role.get("name") for role in roles) ctrl_engine = ControlEngine(token=token, project_id=project_id, project_name=project_name, user_id=user_id, user_name=user_name, roles=roles_str, auth_url=auth_url) request.session["ctrl_header"] = ctrl_engine.get_header() # ================================================ request.session["passToken"] = token request.session["user_name"] = user_name request.session["domain_name"] = domain_name request.session["project_name"] = project_name request.session["auth_url"] = auth_url if roles_str: request.session["roles"] = roles_str else: request.session["roles"] = None if user_id: request.session["user_id"] = user_id if project_id: request.session["project_id"] = project_id return result, data
def common_login(request, auth_url, user_name, password, domain_name, project_name=None): available_projects = None token = None roles = None roles_str = None project = None user = None keystone = None domain_id = None # =================================UnScope Login================================== if not project_name: result = KeystoneRestAPI.get_token(auth_url, user_name, password, domain_name) if result.get("success"): # request.session.set_expiry(SESSION_COOKIE_AGE) token = result['success'].get('token') roles = result["success"].get("roles") user = result["success"].get("user") if user: user_name = user.get("name") keystone = KeystoneRestAPI(auth_url, token) available_projects = keystone.get_available_project_scopes() # =================================Default 프로젝트================================== if result["success"].get("project"): project = result["success"].get("project") # =================================접근 가능 프로젝트================================== if not project and available_projects.get("success"): if not available_projects["success"].get("projects"): return { "error": { "title": "Forbidden", "message": "모든 프로젝트에 접근 권한이 없습니다." } } else: project = available_projects["success"].get("projects")[0] if project: project_name = project.get("name") # =================================Scope Login================================== result = KeystoneRestAPI.get_token(auth_url, user_name, password, domain_name, project_name) # logger.info("""################## Scope Login ############ # auth_url: {} # user_name: {} # password: {} # domain_name: {} # project_name: {} # result: {}""".format(auth_url, user_name, password, domain_name, project_name, result)) if result.get('success'): request.session["domain_admin"] = False # request.session.set_expiry(SESSION_COOKIE_AGE) token = result['success'].get('token') user = result["success"].get("user") domain_id = user["domain"].get("id") roles = result["success"].get("roles") project = result["success"].get("project") request.session["project_id"] = project.get("id") request.session["project_name"] = project.get("name") if not keystone: keystone = KeystoneRestAPI(auth_url, token) keystone.update_token(token) if not available_projects: available_projects = keystone.get_available_project_scopes() request.session["available_projects"] = [{ "name": available_project.get("name"), "id": available_project.get("id") } for available_project in available_projects["success"].get( "projects")] if roles: roles_str = ','.join(role.get("name") for role in roles) elif user.get("name") == 'admin': roles_str = user.get("name") ctrl_engine = ControlEngine(token=token, project_id=project.get("id"), project_name=project.get("name"), user_id=user.get("id"), user_name=user_name, roles=roles_str, auth_url=auth_url) request.session["ctrl_header"] = ctrl_engine.get_header() # ================================================ request.session["passToken"] = token request.session["user_name"] = user_name request.session["domain_name"] = domain_name request.session["auth_url"] = auth_url request.session["domain_id"] = domain_id request.session["roles"] = roles_str if user: request.session["user_id"] = user.get("id") else: request.session["user_id"] = None if not project: request.session["project_id"] = None request.session["project_name"] = None return result