async def authenticate(self, request):
body = await decode_request(request)
required_fields = ['voter_id', 'password']
validate_fields(required_fields, body)
password = bytes(body.get('password'), 'utf-8')
voter = await self._database.fetch_voter_resource(
voter_id=body.get('voter_id'))
if voter is None:
raise ApiUnauthorized('Incorrect voter_id or password')
auth_info = await self._database.fetch_auth_resource(
public_key=voter.get('public_key'))
if auth_info is None:
raise ApiUnauthorized('No voter with that public key exists')
hashed_password = auth_info.get('hashed_password')
if not bcrypt.checkpw(password, bytes.fromhex(hashed_password)):
raise ApiUnauthorized('Incorrect public key or password')
user = {
'name': voter.get('name'),
'voter_id': body.get('voter_id'),
'type': voter.get('type')
}
token = self.generate_auth_token(request.app['secret_key'],
voter.get('public_key'), user)
return json_response({'accessToken': token, 'user': user})
async def create_agent(self, request):
body = await decode_request(request)
required_fields = ['name', 'password']
validate_fields(required_fields, body)
if body.get('password') != PASSWORD or body.get('name') != USERNAME:
raise ApiUnauthorized('Not Authorized')
public_key, private_key = self._messenger.get_new_key_pair()
await self._messenger.send_create_agent_transaction(
private_key=private_key,
name=body.get('name'),
timestamp=get_time())
encrypted_private_key = encrypt_private_key(request.app['aes_key'],
public_key, private_key)
hashed_password = hash_password(body.get('password'))
await self._database.create_auth_entry(public_key,
encrypted_private_key,
hashed_password)
token = generate_auth_token(request.app['secret_key'], public_key)
return json_response({'authorization': token})
async def authenticate(self, request):
body = await decode_request(request)
required_fields = ['public_key', 'password']
validate_fields(required_fields, body)
password = bytes(body.get('password'), 'utf-8')
auth_info = await self._database.fetch_auth_resource(
body.get('public_key'))
if auth_info is None:
raise ApiUnauthorized('No agent with that public key exists')
hashed_password = auth_info.get('hashed_password')
if not bcrypt.checkpw(password, bytes.fromhex(hashed_password)):
raise ApiUnauthorized('Incorrect public key or password')
token = generate_auth_token(request.app['secret_key'],
body.get('public_key'))
return json_response({'authorization': token})
async def _authorize(self, request):
token = request.headers.get('AUTHORIZATION')
if token is None:
raise ApiUnauthorized('No auth token provided')
token_prefixes = ('Bearer', 'Token')
for prefix in token_prefixes:
if prefix in token:
token = token.partition(prefix)[2].strip()
try:
token_dict = deserialize_auth_token(request.app['secret_key'],
token)
except BadSignature:
raise ApiUnauthorized('Invalid auth token')
public_key = token_dict.get('public_key')
auth_resource = await self._database.fetch_auth_resource(public_key)
if auth_resource is None:
raise ApiUnauthorized('Token is not associated with an agent')
return decrypt_private_key(request.app['aes_key'], public_key,
auth_resource['encrypted_private_key'])