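def post(self, request):
    """Perform a login operation and return a JSON response.

    The headers must contain a valid ``AUTHORIZATION`` token, signed by
    the application sending the request. ``ensure_service_user`` runs
    before any form data is read.

    On success the response status is set to 201 and the body is the
    serialised token. On a validation or authentication failure the body
    is the serialised form, including its error messages.

    The requested expiry is clamped to ``MAX_TOKEN_SESSION_EXPIRY`` from
    now, so a caller cannot obtain a session token that outlives the
    configured maximum.
    """
    # presumably rejects callers that are not an application/service
    # user -- confirm against ensure_service_user
    ensure_service_user(request)
    model = self.get_model(request)
    form = auth_form(request, model.form)
    if not form.is_valid():
        return self.json_response(request, form.tojson())

    # Looked up a second time, as before; presumably the same object as
    # the one fetched above -- TODO confirm, then drop this call.
    model = self.get_model(request)
    auth_backend = request.cache.auth_backend
    data = form.cleaned_data
    maxexp = date_from_now(request.config['MAX_TOKEN_SESSION_EXPIRY'])
    # An ``expiry`` key that is present but empty (None) used to reach
    # min() and raise TypeError; fall back to the maximum in that case,
    # the same way post_load() does.
    expiry = min(data.pop('expiry', None) or maxexp, maxexp)
    # Both values come from the request body, i.e. they are what the
    # calling application reports, not what this server observed. They
    # are only as trustworthy as the service-user check above.
    user_agent = data.pop('user_agent', None)
    ip_address = data.pop('ip_address', None)
    try:
        # Whatever is left in ``data`` is forwarded as keyword arguments.
        user = auth_backend.authenticate(request, **data)
        token = auth_backend.create_token(
            request,
            user,
            expiry=expiry,
            description=user_agent,
            ip_address=ip_address,
            session=True,
        )
    except AuthenticationError as exc:
        # NOTE(review): the exception text is returned to the client
        # verbatim; confirm the backend's messages do not distinguish an
        # unknown user from a wrong password.
        form.add_error_message(str(exc))
        data = form.tojson()
    else:
        request.response.status_code = 201
        data = model.tojson(request, token)
    return self.json_response(request, data)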
def login(self, request, **data):
    """Request a session token from the API and attach a session to it.

    ``data`` holds the fields supplied by the caller. ``user_agent``,
    ``ip_address`` and ``expiry`` are computed here from the request and
    from ``SESSION_EXPIRY``; they overwrite any same-named entries in
    ``data``, so caller-supplied values for these three keys are never
    forwarded.

    Returns the decoded JSON body of the API response.
    """
    client = request.api
    lifetime = request.config['SESSION_EXPIRY']
    data.update(
        user_agent=self._user_agent(request),
        ip_address=request.get_client_address(),
        expiry=iso8601(date_from_now(lifetime)),
    )
    # NOTE(review): no status check is visible here; confirm the API
    # client raises on a failed login before the payload is handed to
    # _create_session.
    token = client.authorizations.post(json=data, jwt=True).json()
    request.cache.session = self._create_session(request, token)
    return token
def post_load(self, data):
    """Authenticate the loaded data and create a session token.

    ``data`` is passed whole to ``authenticate`` as keyword arguments.
    If that call returns a falsy user, ``ValidationError`` is raised
    with a message that does not say which credential was wrong.
    Otherwise ``username`` and ``password`` are removed from ``data``
    before it is handed to ``create_one``, and ``expiry`` is clamped to
    ``MAX_TOKEN_SESSION_EXPIRY`` from now.

    Returns whatever ``create_one`` returns for the ``tokens`` model.
    """
    sess = self.model.object_session(data)
    ceiling = date_from_now(sess.config['MAX_TOKEN_SESSION_EXPIRY'])
    # NOTE(review): every key in ``data`` reaches authenticate();
    # confirm the schema restricts which keys can be present.
    user = sess.auth.authenticate(sess, **data)
    data['user'] = user
    if not user:
        raise ValidationError('Invalid username or password')
    # The credentials are dropped so they are not part of the record
    # passed to create_one().
    for credential in ('username', 'password'):
        data.pop(credential)
    data['session'] = True
    # A missing or empty expiry means "as long as allowed"; anything
    # later than the ceiling is cut back to it.
    requested = data.get('expiry') or ceiling
    data['expiry'] = min(requested, ceiling)
    token_model = sess.models['tokens']
    return token_model.create_one(sess, data, token_model.model_schema)