def setUp(self): self.plugin = BSONBottlePlugin() self.ip = "84.34.13.122" self.callback = Mock(wraps=self._callback) self.callbacknobson = Mock(wraps=self._callbackno) bottle.request.environ['REMOTE_ADDR'] = self.ip bottle.request.environ['CONTENT_TYPE'] = 'application/bson' self.context = Mock() self.context.callback = self._callback self.contextnobson = Mock(wraps=self._callbackno) self.contextnobson.callback = self._callbackno self.__set_bson_content({"therivermen": "ehhhhhmacarena"})
def install_plugins(self): self.bsonplugin = BSONBottlePlugin() # BiiResponse plugin. All rest methods has to return # (data serializable | None, biiresponse) or throw BiiServiceException subclass logger.info("Installing BiiReturnHandlerPlugin plugin...") self.biiresponseplugin = BiiReturnHandlerPlugin(self.bsonplugin) self.install(self.biiresponseplugin) # Very first of all, check SSL or die if BII_SSL_ENABLED: # In heroku true for all environments logger.info("Installing NonSSLBlockerBottlePlugin plugin...") nonsslblock = NonSSLBlockerBottlePlugin() self.install(nonsslblock) # First of all, check DOS attacks by IP to the API # Counts IP request, raise 401 if banned if getattr(self.store, 'ip_mc_collection', False): logger.info("Installing massive DOS blocker...") doslogin = DOSBlockerBottlePlugin(self.store.ip_mc_collection, delta=BII_DOS_ATTACK_DELTA_TIME, max_events=BII_DOS_ATTACK_MAX_REQUEST, bantime=BII_DOS_ATTACK_BAN_TIME, callback_ip_banned=self.callback_ip_banned_for_DOS, banned_http_response=self.banned_http_response_for_DOS) # TODO: Maybe configure a log alert (heroku) if we return 401 banned # to analyze the case and adjust limits? self.install(doslogin) # Second, check Http Basic auth logger.info("Installing http basic authentication plugin...") httpplugin = HttpBasicAuthenticationBottlePlugin() self.install(httpplugin) # And check auth JWT logger.info("Installing JWT authentication plugin...") jwt_manager = JWTCredentialsManagerFactory.new(self.store) jwt_plugin = JWTAuthenticationBottlePlugin(jwt_manager) self.install(jwt_plugin) # Third check excess of login error for an IP # Catch generic 401 (or 404 or other) error from authentication and stores IP, # raise 401 if already banned if getattr(self.store, 'ip_mc_collection', False): logger.info("Installing massive error blocker...") massiveerrorplugin = MassiveErrorBlockerBottlePlugin( self.store.ip_mc_collection, delta=BII_ERROR_ATTACK_DELTA_TIME, max_events=BII_ERROR_ATTACK_MAX_ATTEMPTS, bantime=BII_ERROR_ATTACK_BAN_TIME, callback_ip_banned=self.callback_ip_banned_for_many_errors, banned_http_response=self.banned_http_response_for_many_errors) self.install(massiveerrorplugin) # Last, parse BSON data logger.info("Installing bson plugin...") self.install(self.bsonplugin) # Logging actions if BII_ENABLED_BII_USER_TRACE: self.tracebottleplugin = BiiUserTraceBottlePlugin() logger.info("Installing BiiUserTraceBottlePlugin plugin...") self.install(self.tracebottleplugin)