def create_session_token(sender, user, request, **kwargs):
    """Issue an AuthToken for ``user`` and record it in the session.

    The parameter list has the shape of a Django signal receiver;
    ``sender`` and ``kwargs`` are accepted but not used here.

    The token key is written to ``request.session['token']`` next to the
    owner's username, so the session store holds a live API credential.

    Returns the saved AuthToken.
    """
    session_token = AuthToken(user=user,
                              api_server_url=settings.API_SERVER_URL)
    # Expiry is stamped before the first save so the row is never stored
    # without one (update_expiration is defined on the model, not shown here).
    session_token.update_expiration()
    session_token.save()

    owner_name = session_token.user.username
    request.session['username'] = owner_name
    request.session['token'] = session_token.key
    return session_token
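def auth_response(request):
    """
    Create a new AuthToken for the user, then return the token and API URL
    as response headers.

    AuthTokens will expire after a predefined time
    (See #/auth/utils.py:settings.TOKEN_EXPIRY_TIME)
    AuthTokens will be renewed if the user is re-authenticated by CAS
    at expiry time.

    The caller's identity is read from the ``X-Auth-User`` request header.
    Nothing in this function verifies that header, so it must be set by a
    trusted upstream component that also strips any client-supplied copy.

    Returns a 401 response when the header is missing or empty, or when the
    caller asks to emulate another user without permission; otherwise an
    empty 200 response carrying the X-Auth-* headers.
    """
    logger.debug("Creating Auth Response")
    api_server_url = settings.API_SERVER_URL

    # Fail closed: without an identity there is nobody to issue a token to.
    # Previously a missing header raised KeyError (a 500) and an empty one
    # produced a token for the empty username.
    username = request.META.get('HTTP_X_AUTH_USER')
    if not username:
        logger.warning("AUTH REQUEST: no X-Auth-User header present")
        return HttpResponse("401 UNAUTHORIZED", status=401)

    # login validation
    response = HttpResponse()
    # NOTE(review): wildcard CORS on a token-issuing endpoint lets any origin
    # call it from a browser; restrict to known origins if browsers are
    # expected clients.
    response['Access-Control-Allow-Origin'] = '*'
    response['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
    response['Access-Control-Max-Age'] = 1000
    response['Access-Control-Allow-Headers'] = '*'
    response['X-Server-Management-Url'] = api_server_url
    response['X-Storage-Url'] = "http://"
    response['X-CDN-Management-Url'] = "http://"

    # NOTE(review): this value is returned to the client but is not passed to
    # the AuthToken built below, and update_expiration() is not called here.
    # Unless the model links them elsewhere, the client receives a token that
    # was never stored - confirm against the AuthToken model.
    token = str(uuid.uuid4())
    response['X-Auth-Token'] = token

    # New code: If there is an 'emulate_user' parameter:
    if 'HTTP_X_EMULATE_USER' in request.META:
        emulated_user = request.META['HTTP_X_EMULATE_USER']
        # AND user has permission to emulate
        if not userCanEmulate(username):
            logger.warning(
                "EMULATION REQUEST:User deemed Unauthorized : %s", username)
            # This user is unauthorized to emulate users - Don't create a
            # token!
            return HttpResponse("401 UNAUTHORIZED TO EMULATE", status=401)
        logger.debug(
            "EMULATION REQUEST:Generating AuthToken for %s -- %s",
            emulated_user, username)
        response['X-Auth-User'] = emulated_user
        response['X-Emulated-By'] = username
        # then this token is for the emulated user
        # NOTE(review): the emulated name comes straight from the request
        # header and is not checked against existing accounts here.
        token_owner = emulated_user
    else:
        # Normal login, no user to emulate
        response['X-Auth-User'] = username
        token_owner = username

    auth_user_token = AuthToken(
        user=token_owner,
        issuedTime=datetime.now(),
        remote_ip=request.META['REMOTE_ADDR'],
        api_server_url=api_server_url
    )
    auth_user_token.save()
    return response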
def createAuthToken(username):
    """
    Build, save and return a new AuthToken for ``username``.

    The account is looked up with ``User.objects.get``; whatever that raises
    for an unknown name (``User.DoesNotExist`` for a Django model) propagates
    to the caller, so no token is created for a non-existent account.
    """
    account = User.objects.get(username=username)
    new_token = AuthToken(user=account,
                          api_server_url=settings.API_SERVER_URL)
    # Stamp the expiry before the row is first written.
    new_token.update_expiration()
    new_token.save()
    return new_token
def create_session_token(sender, user, request, **kwargs):
    """Create and save an AuthToken for ``user`` and bind it to the session.

    Shaped like a Django signal receiver: ``sender`` and ``kwargs`` are
    accepted and ignored.

    Side effects: ``request.session['username']`` and
    ``request.session['token']`` are overwritten. The second one is the
    token key itself, so anything that can read the session store can read
    a usable credential.

    Returns the saved AuthToken.
    """
    fresh_token = AuthToken(
        user=user,
        api_server_url=settings.API_SERVER_URL,
    )
    fresh_token.update_expiration()
    fresh_token.save()

    token_owner = fresh_token.user.username
    token_key = fresh_token.key
    request.session['username'] = token_owner
    request.session['token'] = token_key
    return fresh_token
def createAuthToken(username):
    """
    Return a newly saved AuthToken owned by the account named ``username``.

    The lookup is an exact match on ``username``. An unknown name is not
    handled here: the exception from ``User.objects.get`` reaches the caller.
    """
    owner = User.objects.get(username=username)
    issued = AuthToken(
        user=owner,
        api_server_url=settings.API_SERVER_URL,
    )
    issued.update_expiration()  # set the expiry before persisting
    issued.save()
    return issued
def createAuthToken(username):
    """
    Return a newly saved AuthToken for ``username``, or None when no
    username is given.

    The name is lowercased before the lookup, so callers may pass any
    casing. An unknown name is not handled here: the exception from
    ``User.objects.get`` reaches the caller.
    """
    # NOTE: REMOVE this when it is no longer true!
    # Force any username lookup to be in lowercase
    if not username:
        return None
    lookup_name = username.lower()

    account = User.objects.get(username=lookup_name)
    new_token = AuthToken(user=account,
                          api_server_url=settings.API_SERVER_URL)
    new_token.update_expiration()
    new_token.save()
    return new_token
def authenticate(self):
    """Resolve ``self.token`` to a user and report the outcome.

    ``self.user`` is set to whatever ``Token.authenticate`` returns. A truthy
    result triggers ``on_authenticated()``; a falsy one sends a
    ``TxTokenInvalid`` message to the peer. Nothing is returned either way.
    """
    # Imported here rather than at module level, as in the original.
    from authentication.models import Token

    self.user = Token.authenticate(self.token)
    if not self.user:
        # Unknown or rejected token: tell the client and stop.
        self.send_message(pb.TxTokenInvalid())
        return
    self.on_authenticated()
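def emulate_request(request, username=None):
    """Switch the current session to act as ``username``.

    On success a new AuthToken is saved for the target user, the session's
    ``username`` and ``token`` are pointed at the target, and the original
    identity is kept in ``session['emulated_by']``. Calling without a
    username while emulating restores ``session['username']`` from
    ``emulated_by``.

    Every path, including any exception, ends in a redirect to
    ``settings.REDIRECT_URL + "/api/v1/profile"``.

    NOTE(review): nothing in this function checks that ``request.user`` is
    permitted to emulate. That check has to live in a decorator or URL-level
    guard that is not visible here - confirm it exists.
    """
    profile_url = settings.REDIRECT_URL + "/api/v1/profile"
    try:
        logger.info("Emulate attempt: %s wants to be %s",
                    request.user, username)
        # Log only the names of the session entries. Dumping
        # request.session.__dict__ wrote the session key and the API token
        # into the application log.
        logger.info("Session entries: %s", sorted(request.session.keys()))

        if not username and 'emulated_by' in request.session:
            logger.info("Clearing emulation attributes from user")
            request.session['username'] = request.session['emulated_by']
            del request.session['emulated_by']
            # Allow user to fall through on line below: with no username the
            # lookup is expected to miss and redirect.
            # NOTE(review): session['token'] is left untouched here, so it
            # may still be the emulated user's token - confirm.

        try:
            user = DjangoUser.objects.get(username=username)
        except DjangoUser.DoesNotExist:
            logger.info("Emulate attempt failed. User <%s> does not exist",
                        username)
            return HttpResponseRedirect(profile_url)

        logger.info("Emulate success, creating tokens for %s", username)
        token = AuthToken(
            user=user,
            key=str(uuid.uuid4()),
            issuedTime=datetime.now(),
            remote_ip=request.META['REMOTE_ADDR'],
            api_server_url=settings.API_SERVER_URL
        )
        token.save()

        # Keep original emulator if it exists, or use the last known username
        original_emulator = request.session.get(
            'emulated_by', request.session['username'])
        request.session['emulated_by'] = original_emulator
        # Set the username to the user to be emulated
        # to whom the token also belongs
        request.session['username'] = username
        request.session['token'] = token.key

        logger.info("Returning emulated user - %s - to api profile ",
                    username)
        logger.info("Session entries: %s", sorted(request.session.keys()))
        logger.info(request.user)
        return HttpResponseRedirect(profile_url)
    except Exception as e:
        # Deliberate catch-all: a failed emulation must not surface a 500.
        logger.warning("Emulate request failed")
        logger.exception(e)
        return HttpResponseRedirect(profile_url)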
def createAuthToken(username):
    """
    Create and save an AuthToken for the account named ``username``.

    Returns None without touching the database when ``username`` is empty
    or None. Otherwise the name is lowercased, the account is fetched with
    ``User.objects.get`` (its exception for an unknown name propagates), and
    the saved token is returned.
    """
    if not username:
        return None

    # NOTE: REMOVE this when it is no longer true!
    # Force any username lookup to be in lowercase
    normalized = username.lower()
    owner = User.objects.get(username=normalized)

    issued = AuthToken(
        user=owner,
        api_server_url=settings.API_SERVER_URL,
    )
    issued.update_expiration()
    issued.save()
    return issued
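def emulate_request(request, username=None):
    """Switch the current session to act as ``username``.

    On success a new AuthToken is saved for the target user, the session's
    ``username`` and ``token`` are pointed at the target, and the original
    identity is kept in ``session['emulated_by']``. Calling without a
    username while emulating restores ``session['username']`` from
    ``emulated_by``.

    Every path, including any exception, ends in a redirect to
    ``settings.REDIRECT_URL + "/api/v1/profile"``.

    NOTE(review): nothing in this function checks that ``request.user`` is
    permitted to emulate. That check has to live in a decorator or URL-level
    guard that is not visible here - confirm it exists.
    """
    profile_url = settings.REDIRECT_URL + "/api/v1/profile"
    try:
        logger.info("Emulate attempt: %s wants to be %s",
                    request.user, username)
        # Log only the names of the session entries. Dumping
        # request.session.__dict__ wrote the session key and the API token
        # into the application log.
        logger.info("Session entries: %s", sorted(request.session.keys()))

        if not username and 'emulated_by' in request.session:
            logger.info("Clearing emulation attributes from user")
            request.session['username'] = request.session['emulated_by']
            del request.session['emulated_by']
            # Allow user to fall through on line below: with no username the
            # lookup is expected to miss and redirect.
            # NOTE(review): session['token'] is left untouched here, so it
            # may still be the emulated user's token - confirm.

        try:
            user = DjangoUser.objects.get(username=username)
        except DjangoUser.DoesNotExist:
            logger.info("Emulate attempt failed. User <%s> does not exist",
                        username)
            return HttpResponseRedirect(profile_url)

        logger.info("Emulate success, creating tokens for %s", username)
        token = AuthToken(
            user=user,
            key=str(uuid.uuid4()),
            issuedTime=datetime.now(),
            remote_ip=request.META['REMOTE_ADDR'],
            api_server_url=settings.API_SERVER_URL
        )
        token.save()

        # Keep original emulator if it exists, or use the last known username
        original_emulator = request.session.get(
            'emulated_by', request.session['username'])
        request.session['emulated_by'] = original_emulator
        # Set the username to the user to be emulated
        # to whom the token also belongs
        request.session['username'] = username
        request.session['token'] = token.key

        logger.info("Returning emulated user - %s - to api profile ",
                    username)
        logger.info("Session entries: %s", sorted(request.session.keys()))
        logger.info(request.user)
        return HttpResponseRedirect(profile_url)
    # "except X as e" parses on Python 2.6+ and Python 3; the original
    # "except Exception, e" is a syntax error on Python 3.
    except Exception as e:
        # Deliberate catch-all: a failed emulation must not surface a 500.
        logger.warning("Emulate request failed")
        logger.exception(e)
        return HttpResponseRedirect(profile_url)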
def login(self, message: pb.RxLogin):
    """Check the credentials in ``message`` and send the result to the client.

    A successful check sends a ``TxLoginToken`` carrying a token from
    ``Token.create(user)``. A failed check sends a ``TxLoginError`` with one
    generic text, so the reply does not reveal whether the username or the
    password was wrong.

    NOTE(review): no attempt limiting is visible in this method; if login
    throttling exists it is enforced elsewhere - confirm.
    """
    supplied_username = message.proto.username
    supplied_password = message.proto.password
    user = authenticate(username=supplied_username,
                        password=supplied_password)

    if user is not None:
        reply = pb.TxLoginToken(
            pb.TxLoginToken.proto(token=Token.create(user)))
    else:
        # User-facing text, Slovenian for "incorrect login details".
        reply = pb.TxLoginError(
            pb.TxLoginError.proto(error_text='Napačni prijavni podatki',
                                  error_code='login-error'))
    self.consumer.send_message(reply)
def issue_token(self, owner=None):
    """Create and save a Token for this user and return its key.

    ``owner`` is passed through to the Token unchanged and defaults to None.
    The return value is the token key, a credential: callers should hand it
    to the client and avoid logging it.
    """
    # Imported here rather than at module level, as in the original.
    from authentication.models import Token

    issued = Token(user=self, owner=owner)
    issued.save()
    return issued.key