def _authenticate_token( username: str, token: str) -> Tuple[model.User, model.UserToken]: ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) user_token = user_tokens.get_by_user_and_token(user, token) if not auth.is_valid_token(user_token): raise errors.AuthError('Invalid token.') return user, user_token
def _authenticate_token(username: str, token: str) -> Tuple[model.User, model.UserToken]: ''' Try to authenticate user. Throw AuthError for invalid users. ''' user = users.get_user_by_name(username) user_token = user_tokens.get_by_user_and_token(user, token) if not auth.is_valid_token(user_token): raise errors.AuthError('잘못된 토큰입니다.') return user, user_token
def test_get_by_user_and_token(user_token_factory): user_token = user_token_factory() db.session.add(user_token) db.session.flush() db.session.commit() result = user_tokens.get_by_user_and_token(user_token.user, user_token.token) assert result == user_token
def test_get_by_user_and_token(user_token_factory): user_token = user_token_factory() db.session.add(user_token) db.session.flush() db.session.commit() result = user_tokens.get_by_user_and_token( user_token.user, user_token.token) assert result == user_token
def delete_user_token(ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:delete:%s" % infix) user_token = user_tokens.get_by_user_and_token(user, params["user_token"]) if user_token is not None: ctx.session.delete(user_token) ctx.session.commit() return {}
def delete_user_token( ctx: rest.Context, params: Dict[str, str]) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:delete:%s' % infix) user_token = user_tokens.get_by_user_and_token(user, params['user_token']) if user_token is not None: ctx.session.delete(user_token) ctx.session.commit() return {}
def update_user_token(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params["user_name"]) infix = "self" if ctx.user.user_id == user.user_id else "any" auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) user_token = user_tokens.get_by_user_and_token(user, params["user_token"]) versions.verify_version(user_token, ctx) versions.bump_version(user_token) if ctx.has_param("enabled"): auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) user_tokens.update_user_token_enabled(user_token, ctx.get_param_as_bool("enabled")) if ctx.has_param("note"): auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) note = ctx.get_param_as_string("note") user_tokens.update_user_token_note(user_token, note) if ctx.has_param("expirationTime"): auth.verify_privilege(ctx.user, "user_tokens:edit:%s" % infix) expiration_time = ctx.get_param_as_string("expirationTime") user_tokens.update_user_token_expiration_time(user_token, expiration_time) user_tokens.update_user_token_edit_time(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def update_user_token( ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_token = user_tokens.get_by_user_and_token(user, params['user_token']) versions.verify_version(user_token, ctx) versions.bump_version(user_token) if ctx.has_param('enabled'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_tokens.update_user_token_enabled( user_token, ctx.get_param_as_bool('enabled')) if ctx.has_param('note'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) note = ctx.get_param_as_string('note') user_tokens.update_user_token_note(user_token, note) if ctx.has_param('expirationTime'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) expiration_time = ctx.get_param_as_string('expirationTime') user_tokens.update_user_token_expiration_time( user_token, expiration_time) user_tokens.update_user_token_edit_time(user_token) ctx.session.commit() return _serialize(ctx, user_token)
def update_user_token(ctx: rest.Context, params: Dict[str, str] = {}) -> rest.Response: user = users.get_user_by_name(params['user_name']) infix = 'self' if ctx.user.user_id == user.user_id else 'any' auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_token = user_tokens.get_by_user_and_token(user, params['user_token']) versions.verify_version(user_token, ctx) versions.bump_version(user_token) if ctx.has_param('enabled'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) user_tokens.update_user_token_enabled(user_token, ctx.get_param_as_bool('enabled')) if ctx.has_param('note'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) note = ctx.get_param_as_string('note') user_tokens.update_user_token_note(user_token, note) if ctx.has_param('expirationTime'): auth.verify_privilege(ctx.user, 'user_tokens:edit:%s' % infix) expiration_time = ctx.get_param_as_string('expirationTime') user_tokens.update_user_token_expiration_time(user_token, expiration_time) user_tokens.update_user_token_edit_time(user_token) ctx.session.commit() return _serialize(ctx, user_token)