class TokenQuery(object):
    """Small facade that forwards key-based operations to a ``Token`` object."""

    def __init__(self, router):
        """Create the backing ``Token`` object for *router*."""
        self._token = Token(router)

    def get(self, key):
        """Look up *key* on the backing object, passing ``first=True``."""
        store = self._token
        return store.get(key, first=True)

    def put(self, key, value):
        """Store *value* under *key* and return whatever the backend returns."""
        store = self._token
        return store.put(key, value)

    def delete(self, key):
        """Delete *key* and return whatever the backend returns."""
        store = self._token
        return store.delete(key)
def create_token(login, login_type=None):
    """Create a token for *login*, mail it to that login, then commit.

    Returns:
        The object returned by ``Token.create(login)``.

    Raises:
        RuntimeError: when *login_type* is ``"jid"``; only email delivery
            is supported here.
    """
    jid_requested = login_type == "jid"
    if jid_requested:
        raise RuntimeError("Tokens can only be sent by email.")

    created = Token.create(login)
    # NOTE(review): the mail goes out before commit(); if commit() fails the
    # recipient may hold a token that was never persisted. Confirm this is
    # the intended order.
    mailer = TokenMailer(login, created["token"])
    mailer.deliver()
    commit()
    return created
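def GetUserToken(uID, tokenMaxAge=None):
    """Issue a fresh token for user *uID* and drop that user's expired tokens.

    Args:
        uID: identifier handed to ``GetUserByID``.
        tokenMaxAge: token lifetime in seconds; when ``None`` the lifetime
            is taken from ``GetTokenMaxAge(uID)``.

    Returns:
        ``{'code': 0, 'message': ..., 'token': <str>}`` on success, or
        ``{'code': -1, 'message': 'Could not acquire token', 'token': None}``
        when the user is not found or saving the user fails.
    """
    failure = {'code': -1, 'message': 'Could not acquire token', 'token': None}

    u = GetUserByID(uID)
    if not u:
        return failure

    # One timestamp for creation, expiry and pruning keeps the three consistent.
    now = time.time()
    lifetime = GetTokenMaxAge(uID) if tokenMaxAge is None else tokenMaxAge
    # NOTE(review): the token value appears to be persisted as-is by u.save();
    # consider storing only a hash of it. Confirm against the Token model.
    t = Token(created=now, token=secrets.token_urlsafe(), expires=now + lifetime)
    u.currentTokens.append(t)

    # Walk backwards so pop() never shifts an index that is still to be visited.
    for idx in range(len(u.currentTokens) - 1, -1, -1):
        if u.currentTokens[idx].expires < now:
            u.currentTokens.pop(idx)

    try:
        u.save()
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit; a failed save is still reported as "could not acquire".
        return failure
    return {'code': 0, 'message': 'Successfully got the token', 'token': t.token}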
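def post_user_exercises(user_id):
    """Add the exercise named in the JSON body for *user_id* via ``Docker.add``.

    Responds 403 when ``Token.checkValid`` does not accept the request for
    this user and path, 400 when the body has no ``exercise`` field, and
    otherwise 201 with the user id, the exercise id and the exercise path.
    """
    # Fail closed: any falsy result is rejected, not only the literal False
    # (``None == False`` is False, so the old comparison let None through).
    if not Token.checkValid(user_id, request.path, request.json):
        abort(403)
    try:
        ex_id = request.json['exercise']
    except Exception:
        abort(400)
    # NOTE(review): ex_id is client-supplied and reaches Docker.add() unchanged;
    # confirm that Docker.add() validates it.
    # NOTE(review): the original built the path from ``addAct.uuid`` although
    # no ``addAct`` is defined in this function (NameError). This assumes
    # Docker.add() returns the uuid string, as the original local name
    # ``uuid`` suggests. Confirm.
    ex_uuid = Docker.add(user_id, ex_id)
    return jsonify({'user': user_id, 'exercise': ex_id, 'path': "/ex/" + ex_uuid}), 201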
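def get_user_exercises(user_id, ex_id):
    """Return exercise *ex_id* of user *user_id* as JSON.

    Responds 403 when ``Token.invalid`` rejects the request for this user and
    path, and 404 when either the user or the exercise is not found.
    """
    if Token.invalid(user_id, request.path, request.json):
        abort(403)
    user = User.get(user_id)
    # Identity test: ``== None`` can be redefined by a model's __eq__.
    if user is None:
        abort(404)
    # The exercise is looked up through the already-authorised user object.
    exercise = user.getExercise(ex_id)
    if exercise is None:
        abort(404)
    return jsonify(exercise)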
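def create_token(login, login_type):
    """Create a login token and send its confirmation link to *login*.

    Args:
        login: recipient; for ``login_type == "jid"`` it is first passed
            through ``resolve_alias``.
        login_type: ``"jid"`` delivers through a ``Message`` record, anything
            else through the ``mail`` command.

    Returns:
        The confirmation URL, which contains the token.

    Raises:
        ValueError: for a mail recipient that starts with ``-``.
    """
    # Kept local so this function does not depend on a module-level import.
    import secrets

    # The recipient becomes a command-line argument of ``mail``; a value with
    # a leading '-' would be parsed as an option instead of an address.
    if login_type != "jid" and isinstance(login, str) and login.startswith("-"):
        raise ValueError("login must not start with '-'")
    if login_type == "jid":
        login = resolve_alias(login)

    # The token is a bearer credential. tempfile.mktemp() only produced a
    # short name from the non-cryptographic ``random`` generator, so the
    # value now comes from the OS CSPRNG.
    # NOTE(review): the token is longer than a mktemp() name; confirm the
    # Token key field accepts it.
    tmp = secrets.token_urlsafe(32)

    # NOTE(review): the record is created with active=1, while confirm_token()
    # only activates records whose ``active`` is falsy. Confirm whether new
    # tokens are meant to be usable before the link is followed.
    token = Token(token=tmp, login=login, login_type=login_type, active=1)
    token.put(force_insert=True)

    base_url = get_setting("web_api_root", "http://localhost:8080").rstrip("/")
    url = "%s/api/auth?token=%s" % (base_url, tmp)
    message = "A third-party application is requesting access to your account. If that was you, follow this link:\n%s\n" % url

    if login_type == "jid":
        msg = Message(re=login, message=message)
        msg.put()
    else:
        # Argument list (no shell), so the address is never shell-interpreted.
        run(["mail", "-s", "Your token", login], stdin_data=message)

    commit()
    return url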
def confirm_token(token):
    """Activate a token that exists and is not yet active.

    Returns ``True`` after setting ``active`` to 1 and saving the record;
    returns ``False`` when the token is unknown or already active.
    """
    record = Token.get_by_id(token)
    if record is None or record["active"]:
        return False
    record["active"] = 1
    record.put()
    return True
def delete_user_exercice(user_id, ex_id):
    """Delete exercise *ex_id* of user *user_id* and its nginx/docker resources.

    Responds 403 when ``Token.invalid`` rejects the request, 404 when
    ``users.delExercise`` reports status 404, 500 when any cleanup step
    raises, and otherwise 202 with ``{'status': "Deleted"}``.
    """
    token_rejected = Token.invalid(user_id, request.path, request.json)
    if token_rejected:
        abort(403)

    removal = users.delExercise(user_id, ex_id)
    if removal.status == 404:
        abort(404)

    try:
        # Order is kept as-is: nginx entry, then container, then the record.
        nginx.delete_nginx(removal.uuid)
        delete_docker(removal.did)
        removal.delete()
    except Exception:
        # NOTE(review): the cause is discarded here; a failure part-way
        # through leaves some resources removed and others not, with nothing
        # logged to tell which.
        abort(500)

    return jsonify({'status': "Deleted"}), 202
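def get_token_by_id(user_id):
    """Exchange the password in the JSON body for a new token of *user_id*.

    Responds 400 when the body has no ``password`` field, 404 when the user
    is not found, 403 when the password check fails, and otherwise 201 with
    the user id and the new token.
    """
    try:
        password = request.json['password']
    except Exception:
        abort(400)
    user = User.get(user_id)
    # Identity test: ``== None`` can be redefined by a model's __eq__.
    if user is None:
        # NOTE(review): 404 here versus 403 below tells an unauthenticated
        # caller whether a user id exists; consider one uniform response.
        abort(404)
    # NOTE(review): no attempt limiting is visible in this handler; confirm
    # it is enforced elsewhere.
    if user.checkPassword(password):
        token = Token.add(user.id)
        return jsonify({'user': user.id, 'token': token.token}), 201
    else:
        abort(403)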
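def post_user_exercises(user_id):
    """Add the exercise named in the JSON body for *user_id* via ``Docker.add``.

    Responds 403 when ``Token.checkValid`` does not accept the request for
    this user and path, 400 when the body has no ``exercise`` field, and
    otherwise 201 with the user id, the exercise id and the exercise path.
    """
    # Fail closed: any falsy result is rejected, not only the literal False
    # (``None == False`` is False, so the old comparison let None through).
    if not Token.checkValid(user_id, request.path, request.json):
        abort(403)
    try:
        ex_id = request.json['exercise']
    except Exception:
        abort(400)
    # NOTE(review): ex_id is client-supplied and reaches Docker.add() unchanged;
    # confirm that Docker.add() validates it.
    # NOTE(review): the original built the path from ``addAct.uuid`` although
    # no ``addAct`` is defined in this function (NameError). This assumes
    # Docker.add() returns the uuid string, as the original local name
    # ``uuid`` suggests. Confirm.
    ex_uuid = Docker.add(user_id, ex_id)
    return jsonify({
        'user': user_id,
        'exercise': ex_id,
        'path': "/ex/" + ex_uuid,
    }), 201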
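def get_token_by_id(user_id):
    """Exchange the password in the JSON body for a new token of *user_id*.

    Responds 400 when the body has no ``password`` field, 404 when the user
    is not found, 403 when the password check fails, and otherwise 201 with
    the user id and the new token.
    """
    try:
        password = request.json['password']
    except Exception:
        abort(400)
    user = User.get(user_id)
    # Identity test: ``== None`` can be redefined by a model's __eq__.
    if user is None:
        # NOTE(review): 404 here versus 403 below tells an unauthenticated
        # caller whether a user id exists; consider one uniform response.
        abort(404)
    # NOTE(review): no attempt limiting is visible in this handler; confirm
    # it is enforced elsewhere.
    if user.checkPassword(password):
        token = Token.add(user.id)
        return jsonify({'user': user.id, 'token': token.token}), 201
    else:
        abort(403)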
def get_active_tokens():
    """Return a list of the records from ``Token.find_all()`` whose ``active`` field is truthy."""
    active = []
    for record in Token.find_all():
        if record["active"]:
            active.append(record)
    return active
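def delete_user(user_id):
    """Delete user *user_id* on behalf of that user or of an admin.

    The request is allowed when ``Token.invalid`` accepts it for this user,
    or, failing that, when ``Token.isLevel`` grants ``Level.ADMIN``; any other
    request gets 403. On success responds 202 with ``{'status': 'Deleted'}``.
    """
    not_owner = Token.invalid(user_id, request.path, request.json)
    # The admin check only runs when the owner check has failed.
    if not_owner and not Token.isLevel(request.path, request.json, Level.ADMIN):
        abort(403)
    User.delete(user_id)
    # Was 402 (Payment Required), which signals a client error for a
    # successful delete; 202 matches what delete_user_exercice returns.
    return jsonify({'status': 'Deleted'}), 202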
def get_id_by_token(token):
    """Return the login stored for *token*, or ``None`` if it is unknown or inactive."""
    record = Token.get_by_id(token)
    if record is not None and record["active"]:
        return record["login"]
    return None
def __init__(self, router):
    """Create a ``Token`` object for *router* and keep it on ``self._token``."""
    backend = Token(router)
    self._token = backend