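def create_user():
    """Interactively create a user with the ``admin`` role.

    Prompts for a username, an e-mail address and a password (entered twice,
    without echo), makes sure an organization named "default" exists, attaches
    the user to it and saves the user.  Ctrl-C aborts without saving the user.
    """
    try:
        # NOTE(review): in the published listing the two raw_input() prompts and
        # the two getpass() prompts were fused by a redaction artifact; the four
        # assignments below are reconstructed from the names the rest of the
        # function uses -- confirm against the repository copy.
        username = raw_input("Username: ").strip()
        email = raw_input("Email: ").strip()
        if not username:
            # An account with an empty name cannot be looked up reliably.
            print("Username is required...")
            return
        while True:
            password = getpass("Password: ")
            if not password:
                # This account receives the admin role; never accept an
                # empty password for it.
                print("Password must not be empty... Try again...")
                continue
            password_confirm = getpass(" (confirm): ")
            if password_confirm == password:
                break
            print("Passwords do not match... Try again...")
        u = User(username=username)
        u.email = email
        # Create the "default" organization on first use; the new user
        # becomes its owner.
        org = Organization.get_by_name("default")
        if not org:
            org = Organization()
            org.name = "default"
            org.owner = u.uuid
            org.save()
        # Re-read the organization so the uuid is the stored one.
        u.organization = Organization.get_by_name("default").uuid
        u.set_password(password)
        u.add_role("admin")
        u.save()
        print("User created/updated successfully...")
    except KeyboardInterrupt:
        # Deliberate: Ctrl-C at any prompt simply abandons the operation.
        pass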
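def get_provider_info(provider=None, organization=None, account=None):
    """Collect the provider credentials stored for an organization's account.

    Args:
        provider: provider name; returned unchanged under the ``provider`` key.
        organization: organization name.  When falsy, the ``organization``
            query-string argument of the current request is used instead.
        account: account name.  When falsy, the ``account`` query-string
            argument of the current request is used instead.

    Returns:
        dict with the keys ``provider``, ``provider_id``, ``provider_key`` and
        ``provider_data``.  The last three are ``None`` when the organization
        or the account cannot be found.

    NOTE(review): ``provider_key`` is presumably the provider API secret;
    callers should keep the returned dict out of logs, responses and any
    client-readable storage -- confirm against the Account model.
    NOTE(review): the query-string fallback lets the caller choose the
    organization whenever the argument is empty; confirm every caller has
    already authorized the request for that organization.
    """
    org_name = organization or request.args.get('organization', None)
    account_name = account or request.args.get('account', None)

    # The original dereferenced the lookup result unconditionally, so an
    # unknown organization name raised AttributeError (an HTTP 500) instead
    # of producing an empty result.
    org = Organization.get_by_name(org_name) if org_name else None
    record = None
    if org:
        record = Account.query.filter(
            {'organization': org.uuid, 'name': account_name}).first()

    provider_id = None
    provider_key = None
    provider_data = None
    if record:
        provider_id = record.provider_id
        provider_key = record.provider_key
        provider_data = {
            'keypair': record.keypair,
            'default_images': record.default_images,
        }

    return {
        'provider': provider,
        'provider_id': provider_id,
        'provider_key': provider_key,
        'provider_data': provider_data,
    }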
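def decorated(*args, **kwargs):
    """Authenticate the request by API key, then call the wrapped view ``f``.

    The key is read from the ``apikey`` form field or, failing that, from the
    ``X-Api-Key`` header, and is looked up as both a user key and an
    organization key.  ``f`` comes from the enclosing scope, which is not
    visible in this listing.

    Returns the API error response (401 for a missing or unknown key, 403 for
    an inactive user or an organization mismatch) or the result of ``f``.
    """
    # The form field keeps precedence over the header.
    if 'apikey' in request.form:
        api_key = request.form.get('apikey')
    else:
        # Use .get() rather than a membership test on .keys() so the lookup
        # does not depend on how the client capitalised the header name.
        api_key = request.headers.get('X-Api-Key')
    if not api_key:
        return generate_api_response({'error': messages.NO_API_KEY}, 401)

    user = User.get_by_api_key(api_key=api_key)
    organization = Organization.get_by_api_key(api_key=api_key)
    if not user and not organization:
        return generate_api_response({'error': messages.INVALID_API_KEY}, 401)

    # Reject inactive users before anything is written to the session; the
    # original stored the user and organization first and refused afterwards.
    if user and not user.active:
        return generate_api_response({'error': messages.ACCOUNT_INACTIVE}, 403)

    requested_org = kwargs.get('organization', '')
    if user:
        session['user'] = user
        if user.is_admin():
            # Admins may act on any organization named in the route.
            session['organization'] = Organization.get_by_name(requested_org)
        else:
            session['organization'] = Organization.get_by_uuid(user.organization)
    if organization:
        # An organization-level key pins the session to that organization.
        session['organization'] = organization

    # Authorize the organization named in the route.  A failed lookup above
    # leaves None in the session; treat that as a denial instead of letting
    # the attribute access raise (previously an HTTP 500).
    current_org = session.get('organization')
    if requested_org and (current_org is None
                          or requested_org != current_org.name.lower()):
        return generate_api_response({'error': messages.ACCESS_DENIED}, 403)
    # NOTE(review): only the stored name is lower-cased, so a mixed-case
    # route value is always denied -- confirm that is intended.
    return f(*args, **kwargs)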
def decorated(*args, **kwargs):
    """Load provider account info for the route, then call the wrapped ``f``.

    Looks up the organization named in the route, asks get_provider_info()
    for the matching account, stores the result in the session and answers
    400 when either the provider id or the provider key is missing.
    """
    organization = Organization.get_by_name(kwargs.get("organization"))
    organization_name = organization.name if organization else None
    provider_info = get_provider_info(
        kwargs.get("provider"), organization_name, kwargs.get("account"))

    # NOTE(review): provider_info carries provider_key.  If the application
    # uses Flask's default cookie-backed session, that value is signed but
    # readable by the client -- confirm a server-side session store is in use.
    session["provider_info"] = provider_info

    # Both credentials are required before the view may run.
    has_credentials = (provider_info.get("provider_id")
                       and provider_info.get("provider_key"))
    if not has_credentials:
        return generate_api_response(
            {"error": "Invalid or missing provider account information"}, 400)
    return f(*args, **kwargs)
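def login():
    """
    User login

    GET renders the login form.  POST checks organization, username and
    password; on success the user is logged in and redirected to a local
    ``next`` target (or the index page), otherwise the form is shown again
    with an error message.
    """
    if request.method == 'POST':
        form = request.form
        # A missing field previously raised AttributeError on .lower().
        org_name = (form.get('organization') or '').lower()
        username = form.get('username')

        # An unknown organization is handled like any other bad credential,
        # so the response does not reveal which organizations exist
        # (previously it raised and returned an HTTP 500).
        organization = Organization.get_by_name(org_name)
        user = None
        if organization:
            user = User.get_by_username(username, organization.uuid)
        shown_org = organization.name if organization else org_name

        # NOTE(review): the stored hash is compared with ==, and
        # utils.hash_password() takes only the password, so it is presumably
        # unsalted -- consider a salted KDF and a constant-time comparison.
        # NOTE(review): username and organization are client-supplied and are
        # written to the log verbatim; consider escaping CR/LF.
        if user and utils.hash_password(form.get('password', '')) == user.password:
            if user.active:
                login_user(user)
                session['user'] = user
                session['organization'] = organization
                current_app.logger.info('User {0} ({1}) login from {2}'.format(
                    user.username, organization.name, request.remote_addr))
                # Only follow ``next`` when it is a path on this site; an
                # absolute, scheme-relative or backslash-containing target
                # would make this endpoint an open redirect.
                next_url = request.args.get("next") or ''
                is_local = (next_url.startswith('/')
                            and not next_url.startswith('//')
                            and '\\' not in next_url
                            and not any(c in next_url for c in '\r\n\t'))
                return redirect(next_url if is_local else url_for("index"))
            # Same rule the API-key check applies: inactive accounts are
            # refused even with a correct password.
            current_app.logger.warning(
                'Inactive account login attempt for {0} ({1}) from {2}'.format(
                    username, shown_org, request.remote_addr))
            flash(messages.ACCOUNT_INACTIVE, 'error')
        else:
            current_app.logger.warning('Invalid login for {0} ({1}) from {2}'.format(
                username, shown_org, request.remote_addr))
            flash(messages.INVALID_USERNAME_OR_PASSWORD, 'error')
    return render_template('accounts/login.html')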