def authorized(): token = request.values['token'] user = User.verify_auth_token(token) if user: return "True" else: return "False"
def handle_start_event(self, json): """ json is a dictionary version of data sent to backend """ logging.info('received json: ' + str(json)) # authenticate socket token = json['token'] user = User.verify_auth_token(token) if not user: return # fetch projects permissions = Permission.query.filter_by(u_id=user.id).all() # for all the p_id in permissions, there'd be chatrooms in self.rooms # search and add user to respective rooms for permission in permissions: # for each project with p_id, search rooms # socketio.join_room(room, sid=None, namespace=None) """ - a client is always registered as a room with name equal to the session id of the client. - so the rooms can safely be named as stringified versions of the project id. - thus, an abstraction is unnecessary. if it will be, it'll be considered during later developments. - so joining the actual socketio room would be enough """ join_room(str(permission.p_id)) socket_storage = {'s_id': request.sid, 'u_id': user.id} self.sockets.append(socket_storage)
def handle_file_save(self, json_req): """ json_req: { "p_id": process id "content": content of the file "comment": comment for file-save, defaults to None } """ p_id = json_req['p_id'] content = json_req['content'] comment = json_req.get('comment', "") user = User.verify_auth_token(json_req['token']) perm = self.permission_check_emit(user.id, int(p_id)) # if permission is correct and file saved properly if perm and self.fm.save_file(int(p_id), content, user, comment): # send service message message_ = "[service message] saved changes" new_message = self.cm.add_message( user, message_, str(p_id), message_type=MessageType.SYSTEM_MESSAGE) new_message_dict = get_message_dict(new_message) socketio.emit('chat-message-client', json.dumps(new_message_dict), room=str(p_id)) # emit file-changed event to trigger reload of flight track socketio.emit('file-changed', json.dumps({ "p_id": p_id, "u_id": user.id }), room=str(p_id))
def handle_file_save(self, json_req): """ json_req: { "op_id": operation id "content": content of the file "comment": comment for file-save, defaults to None } """ op_id = json_req['op_id'] content = json_req['content'] comment = json_req.get('comment', "") user = User.verify_auth_token(json_req['token']) if user is not None: # when the socket connection is expired this in None and also on wrong tokens perm = self.permission_check_emit(user.id, int(op_id)) # if permission is correct and file saved properly if perm and self.fm.save_file(int(op_id), content, user, comment): # send service message message_ = f"[service message] **{user.username}** saved changes" new_message = self.cm.add_message(user, message_, str(op_id), message_type=MessageType.SYSTEM_MESSAGE) new_message_dict = get_message_dict(new_message) socketio.emit('chat-message-client', json.dumps(new_message_dict)) # emit file-changed event to trigger reload of flight track socketio.emit('file-changed', json.dumps({"op_id": op_id, "u_id": user.id})) else: logging.debug(f'login expired for {user.username}, state unauthorized!')
def handle_message_delete(self, socket_message): message_id = socket_message["message_id"] op_id = socket_message["op_id"] user = User.verify_auth_token(socket_message['token']) if user is not None: perm = self.permission_check_emit(user.id, int(op_id)) if perm: self.cm.delete_message(message_id) socketio.emit('delete-message-client', json.dumps({"message_id": message_id}))
def update_operation_list(self, json_config): """ json_config has: - token: authentication token """ token = json_config["token"] user = User.verify_auth_token(token) if not user: return socketio.emit('operation-list-update')
def test_get_auth_token(self): assert add_user(self.userdata[0], self.userdata[1], self.userdata[2]) with self.app.test_client() as test_client: token = self._get_token(test_client, self.userdata) assert User.verify_auth_token(token) response = test_client.post('/token', data={ "email": self.userdata[0], "password": "******" }) assert response.status_code == 200 assert response.data.decode('utf-8') == "False"
def join_creator_to_room(self, json_config): """ json_config has: - token: authentication token - p_id: project id """ token = json_config['token'] user = User.verify_auth_token(token) if not user: return p_id = json_config['p_id'] join_room(str(p_id))
def join_creator_to_operation(self, json_config): """ json_config has: - token: authentication token - op_id: operation id """ token = json_config['token'] user = User.verify_auth_token(token) if not user: return op_id = json_config['op_id'] join_room(str(op_id))
def wrapper(*args, **kwargs): try: user = User.verify_auth_token(request.form.get('token', False)) except TypeError: logging.debug("no token in request form") abort(404) if not user: return "False" else: # saving user details in flask.g g.user = user return func(*args, **kwargs)
def authorized(): token = request.args.get('token', request.form.get('token')) user = User.verify_auth_token(token) if user is not None: if mscolab_settings.USER_VERIFICATION: if user.confirmed is False: return "False" else: return "True" else: return "True" else: return "False"
def handle_message_edit(self, socket_message): message_id = socket_message["message_id"] op_id = socket_message["op_id"] new_message_text = socket_message["new_message_text"] user = User.verify_auth_token(socket_message["token"]) if user is not None: perm = self.permission_check_emit(user.id, int(op_id)) if perm: self.cm.edit_message(message_id, new_message_text) socketio.emit('edit-message-client', json.dumps({ "message_id": message_id, "new_message_text": new_message_text }))
def handle_message(self, _json): """ json is a dictionary version of data sent to back-end """ op_id = _json['op_id'] reply_id = int(_json["reply_id"]) user = User.verify_auth_token(_json['token']) if user is not None: perm = self.permission_check_emit(user.id, int(op_id)) if perm: new_message = self.cm.add_message(user, _json['message_text'], str(op_id), reply_id=reply_id) new_message_dict = get_message_dict(new_message) if reply_id == -1: socketio.emit('chat-message-client', json.dumps(new_message_dict)) else: socketio.emit('chat-message-reply-client', json.dumps(new_message_dict))
def wrapper(*args, **kwargs): try: user = User.verify_auth_token(request.args.get('token', request.form.get('token', False))) except TypeError: logging.debug("no token in request form") abort(404) if not user: return "False" else: # saving user details in flask.g if mscolab_settings.USER_VERIFICATION: if user.confirmed: g.user = user return func(*args, **kwargs) else: return "False" else: g.user = user return func(*args, **kwargs)
def test_handle_start_event(self): pytest.skip("unknown how to verify") sio = self._connect() json_config = {"token": self.token} assert User.verify_auth_token(self.token) is not False sio.emit('start', json_config)