def create(self,
user,
password=None,
expires=knox_settings.TOKEN_TTL,
return_instance=False):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
encrypted = None
if password:
fernet = Fernet(crypto.derive_fernet_key(password, salt))
encrypted = fernet.encrypt(encoding.force_bytes(token))
if expires is not None:
expires = timezone.now() + expires
auth_token = super(AuthTokenManager, self).create(digest=digest,
salt=salt,
encrypted=encrypted,
user=user,
expires=expires)
if return_instance:
return auth_token
return token # Note only the token - not the AuthToken object - is returned
def _create_user_tokens(self):
# Hard code tokens used in gcapi integration tests
user_tokens = {
"admin": "1b9436200001f2eaf57cd77db075cbb60a49a00a",
"retina": "f1f98a1733c05b12118785ffd995c250fe4d90da",
"algorithmuser": "******",
"readerstudy": "01614a77b1c0b4ecd402be50a8ff96188d5b011d",
settings.RETINA_IMPORT_USER_NAME: "e8db90bfbea3c35f40b4537fdca9b3bf1cd78a51",
}
out = f"{'*' * 80}\n"
for user, token in user_tokens.items():
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
AuthToken(
token_key=token[: CONSTANTS.TOKEN_KEY_LENGTH],
digest=digest,
salt=salt,
user=self.users[user],
expiry=None,
).save()
out += f"\t{user} token is: {token}\n"
out += f"{'*' * 80}\n"
logger.debug(out)
def _create_user_tokens(users):
# Hard code tokens used in gcapi integration tests
user_tokens = {
"admin": "1b9436200001f2eaf57cd77db075cbb60a49a00a",
"retina": "f1f98a1733c05b12118785ffd995c250fe4d90da",
"readerstudy": "01614a77b1c0b4ecd402be50a8ff96188d5b011d",
"demop": "00aa710f4dc5621a0cb64b0795fbba02e39d7700",
}
out = f"{'*' * 80}\n"
for user, token in user_tokens.items():
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
AuthToken(
token_key=token[:CONSTANTS.TOKEN_KEY_LENGTH],
digest=digest,
salt=salt,
user=users[user],
expiry=None,
).save()
out += f"\t{user} token is: {token}\n"
out += f"{'*' * 80}\n"
logger.debug(out)
def create(self, user, time=knox_settings.DEFAULT_TOKEN_TTL, use=knox_settings.DEFAULT_TOKEN_USE):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
auth_token = super(AuthTokenManager, self).create(digest=digest, salt=salt, user=user, time=time, use=use)
return token # Note only the token - not the AuthToken object - is returned
def create_and_return(self, **kwargs):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
expires = kwargs.get('expires', None)
if expires is not None:
expires = timezone.now() + expires
kwargs.update({
'digest': digest,
'salt': salt,
'expires': expires,
'token_key': token[:CONSTANTS.TOKEN_KEY_LENGTH]
})
auth_token = super(AuthTokenManager, self).create(**kwargs)
auth_token.token = token
return auth_token
kwargs.update({
'digest': digest,
'salt': salt,
'expires': expires
})
auth_token = super(AuthTokenManager, self).create(**kwargs)
auth_token.token = token
return auth_token
def create_unsafe(self, user, expires=knox_settings.TOKEN_TTL):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
if expires is not None:
expires = timezone.now() + expires
auth_token = super(AuthTokenManager, self).create(digest=digest, salt=salt, user=user, expires=expires)
return auth_token, token # Note only the token - not the AuthToken object - is returned
def create(self, user, expires=knox_settings.TOKEN_TTL):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
if expires is not None:
expires = timezone.now() + expires
auth_token = super(AuthTokenManager, self).create(digest=digest, salt=salt, user=user, expires=expires, token_slice=token[:16])
return token # Note only the token - not the AuthToken object - is returned
def create(self, user, expiry=knox_settings.TOKEN_TTL):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
if expiry is not None:
expiry = timezone.now() + expiry
instance = super(AuthTokenManager, self).create(
token_key=token[:CONSTANTS.TOKEN_KEY_LENGTH], digest=digest,
salt=salt, user=user, expiry=expiry)
return instance, token
def create(self, user, expires=knox_settings.TOKEN_TTL):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
if expires is not None:
expires = timezone.now() + expires
super(AuthTokenManager, self).create(
token_key=token[:CONSTANTS.TOKEN_KEY_LENGTH], digest=digest,
salt=salt, user=user, expires=expires)
# Note only the token - not the AuthToken object - is returned
return token
def create(self, user, expiry=knox_settings.TOKEN_TTL):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
if expiry is not None:
expiry = timezone.now() + expiry
instance = super(AuthTokenManager, self).create(
token_key=token[:CONSTANTS.TOKEN_KEY_LENGTH],
digest=digest,
salt=salt,
user=user,
expiry=expiry)
return instance, token
def create(self, user, expires=knox_settings.TOKEN_TTL):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
if expires is not None:
expires = timezone.now() + expires
super(AuthTokenManager,
self).create(token_key=token[:CONSTANTS.TOKEN_KEY_LENGTH],
digest=digest,
salt=salt,
user=user,
expires=expires)
# Note only the token - not the AuthToken object - is returned
return token
def create(
self, user, password=None, expires=knox_settings.TOKEN_TTL,
return_instance=False):
token = crypto.create_token_string()
salt = crypto.create_salt_string()
digest = crypto.hash_token(token, salt)
encrypted = None
if password:
fernet = Fernet(crypto.derive_fernet_key(password, salt))
encrypted = fernet.encrypt(encoding.force_bytes(token))
if expires is not None:
expires = timezone.now() + expires
auth_token = super(AuthTokenManager, self).create(
digest=digest, salt=salt, encrypted=encrypted,
user=user, expires=expires)
if return_instance:
return auth_token
return token # Note only the token - not the AuthToken object - is returned
