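def verify_user(username, password):
    """Check a username/password pair and bind the user to ``flask.g.user``.

    A cache entry keyed on the username is consulted first. The backend
    (``User.get``) is called only on a cache miss or when the supplied
    password differs from the cached one.

    Args:
        username: Login name; spaces are rewritten for the cache key only.
        password: Password as supplied by the client.

    Returns:
        True when a ``User`` was built and stored on ``flask.g.user``,
        False when any step raised.
    """
    try:
        # usernames with spaces are valid in EE, though they can't be used
        # for cache keys
        cache_key = '{}-credentials'.format(
            username.replace(' ', '_espa_cred_insert_'))
        cache_entry = cache.get(cache_key)

        # NOTE(review): the cache entry stores the clear-text password, so
        # anything that can read the cache can read credentials. Storing a
        # salted digest and comparing it in constant time would remove that
        # exposure; left unchanged because other readers of this entry are
        # not visible here.
        # NOTE(review): a cache hit is accepted without asking the backend,
        # so a password changed or revoked upstream keeps working until the
        # entry expires (7200 is presumably the TTL in seconds; confirm).
        if cache_entry and cache_entry['password'] == password:
            user_entry = cache_entry['user_entry']
        else:
            # Cache miss, or the user changed their password while the old
            # one was still cached: the backend decides.
            user_entry = User.get(username, password)
            # Refresh on a mismatch too, so a superseded password stops
            # being honoured from the cache once the new one has been
            # verified (previously the stale entry was left in place).
            cache.set(cache_key,
                      {'password': password, 'user_entry': user_entry},
                      7200)

        flask.g.user = User(*user_entry)  # Replace usage with cached version
    except Exception:
        # NOTE(review): every failure, including cache or backend outages,
        # is reported as an invalid login; the exception itself is not
        # logged.
        logger.info('Invalid login attempt, username: {}'.format(username))
        return False
    return True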
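def verify_user(username, password):
    """Check a username/password pair and bind the user to ``flask.g.user``.

    A cache entry keyed on the username is consulted first. The backend
    (``User.get``) is called only on a cache miss or when the supplied
    password differs from the cached one. On failure a short reason code
    is stored on ``flask.g.error_reason`` ('auth', 'conn', 'db' or
    'unknown').

    Args:
        username: Login name; None or blank is rejected up front.
        password: Password as supplied by the client.

    Returns:
        True when a ``User`` was built and stored on ``flask.g.user``,
        False otherwise.
    """
    if (username is None) or (not (str(username).strip())):
        logger.warning('Invalid username supplied: %s', username)
        flask.g.error_reason = 'auth'
        return False

    try:
        # usernames with spaces are valid in EE, though they can't be used
        # for cache keys
        cache_key = '{}-credentials'.format(
            username.replace(' ', '_espa_cred_insert_'))
        cache_entry = cache.get(cache_key)

        # NOTE(review): the cache entry stores the clear-text password, so
        # anything that can read the cache can read credentials. Storing a
        # salted digest and comparing it in constant time would remove that
        # exposure; left unchanged because other readers of this entry are
        # not visible here.
        # NOTE(review): a cache hit is accepted without asking the backend,
        # so a password changed or revoked upstream keeps working until the
        # entry expires (7200 is presumably the TTL in seconds; confirm).
        if cache_entry and cache_entry['password'] == password:
            user_entry = cache_entry['user_entry']
        else:
            # Cache miss, or the user changed their password while the old
            # one was still cached: the backend decides.
            user_entry = User.get(username, password)
            # Refresh on a mismatch too, so a superseded password stops
            # being honoured from the cache once the new one has been
            # verified (previously the stale entry was left in place).
            cache.set(cache_key,
                      {'password': password, 'user_entry': user_entry},
                      7200)

        flask.g.user = User(*user_entry)  # Replace usage with cached version
    # Handler order is kept as written: the exception hierarchy is defined
    # elsewhere and a reordering could change which branch matches.
    except UserException as e:
        logger.info('Invalid login attempt, username: {}, {}'.format(
            username, e))
        flask.g.error_reason = 'unknown'
        return False
    except ERSApiAuthFailedException as e:
        logger.info('Invalid login attempt, username: {}, {}'.format(
            username, e))
        flask.g.error_reason = 'auth'
        return False
    except ERSApiErrorException as e:
        logger.info('ERS lookup failed, username: {}, {}'.format(username, e))
        flask.g.error_reason = 'unknown'
        return False
    except ERSApiConnectionException as e:
        logger.info('ERS is down {}'.format(e))
        flask.g.error_reason = 'conn'
        return False
    except DBConnectException as e:
        logger.critical('! Database reported a problem: {}'.format(e))
        # Was ``error_reasons`` (typo): the 'db' code never reached the
        # attribute every other branch sets.
        flask.g.error_reason = 'db'
        return False
    except Exception:
        logger.info('Invalid login attempt, username: {}'.format(username))
        flask.g.error_reason = 'unknown'
        return False
    return True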
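def load_user(request):
    """Resolve the API user from a request's Basic-style credentials.

    The token is read from the ``Authorization`` header, falling back to
    the ``token`` query parameter. It is base64-decoded when possible,
    otherwise used as a raw ``username:password`` string.

    Args:
        request: Object exposing ``headers.get`` and ``args.get``.

    Returns:
        A ``User`` with a truthy ``id``, or None when no usable credentials
        were supplied or the lookup produced no user.
    """
    token = request.headers.get('Authorization')
    if not token:
        # NOTE(review): credentials in the query string tend to be recorded
        # in access logs and proxies; prefer the header where clients allow.
        token = request.args.get('token')
    if not token:
        return None

    token = token.replace('Basic ', '', 1)
    try:
        decoded = base64.b64decode(token)
    except (TypeError, ValueError):
        # Not valid base64 (TypeError on Python 2, binascii.Error, a
        # ValueError, on Python 3): keep the raw token, as before.
        decoded = token

    # Python 3's b64decode returns bytes; on Python 2 bytes is str and this
    # branch is skipped.
    if isinstance(decoded, bytes) and not isinstance(decoded, str):
        try:
            decoded = decoded.decode('utf-8')
        except UnicodeDecodeError:
            return None

    # Split on the first colon only: passwords may contain ':' and a token
    # without one is malformed. The previous two-name unpack raised
    # ValueError in both cases, turning bad client input into a server
    # error.
    username, separator, password = decoded.partition(':')
    if not separator:
        return None

    # NOTE(review): exceptions raised by User.get propagate to the caller
    # unchanged, as in the original.
    user_entry = User.get(username, password)
    if not user_entry:
        return None

    user = User(*user_entry)
    return user if user.id else None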