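def get_login_user(request):
    """Resolve the user named by the HMAC token carried in *request*.

    The token is taken from the first non-empty entry among the
    ``HTTP_AUTHORIZATION``, ``HTTP_AUTH`` and ``HTTP_HTTP_AUTH`` keys of
    ``request.META``.

    Returns:
        ``(user, None)`` on success, otherwise ``(None, error)`` where
        ``error`` is a dict with a single ``error_codename`` key set to one of
        ``empty_hmac``, ``expired_hmac_key``, ``invalid_hmac`` or
        ``invalid_hmac_userid``.
    """
    key = None
    for meta_name in ('HTTP_AUTHORIZATION', 'HTTP_AUTH', 'HTTP_HTTP_AUTH'):
        key = request.META.get(meta_name, None)
        if key:
            break
    if not key:
        return None, dict(error_codename="empty_hmac")

    try:
        at = HMACToken(key)
        # Expiry is tested before the signature so that an expired token is
        # reported as "expired_hmac_key". At this point the token fields are
        # still unauthenticated: nothing except the error code may be derived
        # from `at` until verifyhmac() has succeeded.
        if not at.check_expiration(settings.TIMEOUT):
            return None, dict(error_codename="expired_hmac_key")
        # NOTE(review): confirm verifyhmac compares digests in constant time
        # (e.g. hmac.compare_digest); its implementation is not visible here.
        v = verifyhmac(settings.SHARED_SECRET, key, settings.TIMEOUT, at=at)
        if not v:
            return None, dict(error_codename="invalid_hmac")
        # Only a token that passed verification is used to look up a user.
        user = User.objects.get(username=at.get_userid())
    except Exception:
        # Any failure while parsing, verifying or looking up the user is
        # reported under this one codename, so it does not always mean
        # "unknown user". Narrowed from a bare `except:` so that SystemExit
        # and KeyboardInterrupt are no longer swallowed as an auth failure.
        return None, dict(error_codename="invalid_hmac_userid")
    return user, None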
def test_authenticate(self):
    """Check that authentication issues a token that verifies and then expires.

    A successful login must answer 200 with ``status == 'ok'`` and an
    ``auth-token`` that verifies under ``settings.SHARED_SECRET``. After a
    three second wait the same token must fail verification when the
    allowed age is ``seconds=3``. A second login attempt must answer 400.
    """
    client = JClient()

    credentials = {'username': '******', 'password': '******'}
    response = client.authenticate(self.aeid, credentials)
    self.assertEqual(response.status_code, 200)

    payload = json.loads(response.content.decode('utf-8'))
    self.assertEqual(payload['status'], 'ok')
    token = payload['auth-token']
    self.assertEqual(verifyhmac(settings.SHARED_SECRET, token), True)

    # Let the token age to the limit, then require that it is rejected.
    time.sleep(3)
    self.assertEqual(
        verifyhmac(settings.SHARED_SECRET, token, seconds=3),
        False,
    )

    # NOTE(review): this payload is the same literal as the one above, yet
    # 400 is expected instead of 200 - presumably the real values are masked
    # in this listing; confirm against the original test.
    credentials = {'username': '******', 'password': '******'}
    response = client.authenticate(self.aeid, credentials)
    self.assertEqual(response.status_code, 400)
def test_getperms_perm(self):
    """Check that /api/get-perms/ returns a verifiable permission token.

    After authenticating, a request for the ``create`` permission on
    ``User`` must answer 200 with ``status == 'ok'`` and a
    ``permission-token`` that verifies under ``settings.SHARED_SECRET``.
    """
    client = JClient()
    client.authenticate(self.aeid, test_data.pwd_auth)

    request_body = {"object_type": "User", "permission": "create"}
    response = client.post('/api/get-perms/', request_body)
    self.assertEqual(response.status_code, 200)

    payload = json.loads(response.content.decode('utf-8'))
    self.assertEqual(payload['status'], 'ok')

    # NOTE(review): this only proves the token carries a valid HMAC; it does
    # not assert that the token is bound to the requested object_type and
    # permission. Consider asserting on the token's contents as well.
    token_ok = verifyhmac(settings.SHARED_SECRET, payload['permission-token'])
    self.assertEqual(token_ok, True)
def test_getperms_perm(self):
    """Request a permission token and verify its HMAC.

    Authenticates with ``test_data.pwd_auth``, posts a ``create``/``User``
    permission request to ``/api/get-perms/`` and expects a 200 response
    whose ``status`` is ``'ok'`` and whose ``permission-token`` verifies
    under ``settings.SHARED_SECRET``.
    """
    api = JClient()
    api.authenticate(self.aeid, test_data.pwd_auth)

    perm_request = dict(object_type="User", permission="create")
    resp = api.post('/api/get-perms/', perm_request)
    self.assertEqual(resp.status_code, 200)

    body = json.loads(resp.content.decode('utf-8'))
    self.assertEqual(body['status'], 'ok')

    # The signature check alone does not show which permission the token
    # grants. NOTE(review): a follow-up assertion on the token's payload
    # would catch a token issued for the wrong object or permission.
    permission_token = body['permission-token']
    self.assertEqual(
        verifyhmac(settings.SHARED_SECRET, permission_token),
        True,
    )
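def get_login_user(request):
    """Return the user named by the request's HMAC token, or ``None``.

    The token is taken from the first non-empty entry among the
    ``HTTP_AUTHORIZATION``, ``HTTP_AUTH`` and ``HTTP_HTTP_AUTH`` keys of
    ``request.META``. ``None`` is returned when no token is present, when
    ``verifyhmac`` rejects it, or when parsing the token or loading the user
    fails; the caller cannot tell these cases apart.
    """
    key = None
    for meta_name in ('HTTP_AUTHORIZATION', 'HTTP_AUTH', 'HTTP_HTTP_AUTH'):
        key = request.META.get(meta_name, None)
        if key:
            break
    if not key:
        return None

    # The signature is checked before the token is parsed, so the user id
    # read below always comes from a token that passed verification.
    # NOTE(review): confirm verifyhmac compares digests in constant time
    # (e.g. hmac.compare_digest); its implementation is not visible here.
    v = verifyhmac(settings.SHARED_SECRET, key, settings.TIMEOUT)
    if not v:
        return None

    try:
        at = AuthToken(key)
        user = User.objects.get(username=at.userid)
    except Exception:
        # Narrowed from a bare `except:` so that SystemExit and
        # KeyboardInterrupt are no longer swallowed as an auth failure.
        return None
    return user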
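def get_login_user(request):
    """Resolve the user named by the HMAC token carried in *request*.

    The raw token string is obtained from ``get_auth_key(request)``.

    Returns:
        A 3-tuple ``(user, error, hmac_token)``. On success ``error`` is
        ``None``. On failure ``user`` is ``None`` and ``error`` is a dict
        with a single ``error_codename`` key set to one of ``empty_hmac``,
        ``expired_hmac_key``, ``invalid_hmac`` or ``invalid_hmac_userid``.
        ``hmac_token`` is the parsed ``HMACToken``, or ``None`` when no key
        was sent or parsing failed.
    """
    key = get_auth_key(request)
    hmac_token = None
    if not key:
        return None, dict(error_codename="empty_hmac"), hmac_token

    try:
        hmac_token = HMACToken(key)
        # Expiry is tested before the signature so that an expired token is
        # reported as "expired_hmac_key".
        if not hmac_token.check_expiration(settings.TIMEOUT):
            return None, dict(error_codename="expired_hmac_key"), hmac_token
        # NOTE(review): confirm verifyhmac compares digests in constant time
        # (e.g. hmac.compare_digest); its implementation is not visible here.
        v = verifyhmac(settings.SHARED_SECRET, key, settings.TIMEOUT,
                       at=hmac_token)
        if not v:
            return None, dict(error_codename="invalid_hmac"), hmac_token
        user = User.objects.get(username=hmac_token.get_userid())
    except Exception:
        # Any failure while parsing, verifying or looking up the user is
        # reported under this one codename. Narrowed from a bare `except:`
        # so that SystemExit and KeyboardInterrupt are no longer swallowed
        # as an auth failure.
        return None, dict(error_codename="invalid_hmac_userid"), hmac_token
    # SECURITY: on every failure path above the returned hmac_token was
    # parsed from attacker-controlled input and has NOT been authenticated.
    # Callers must treat its fields as untrusted unless `error` is None.
    return user, None, hmac_token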