class AuthHelper:
def __init__(self):
self.user_cookie = 'uc'
self.secure_cookie_serializer = SecureCookieSerializer(SECRET_KEY)
def get_authenticated_user(self, request):
"""
Reads the auth cookie from the request and returns the user entity
associated to the cookie value.
"""
cookie_val = request.cookies.get(self.user_cookie)
uid = self.secure_cookie_serializer.deserialize(self.user_cookie, cookie_val)
return uid and User.by_username(uid)
def set_auth_cookie(self, response, uid):
"""
Takes a valid user id and sets a secure cookie (token) in the
response used to validate if the user is signed in.
"""
cookie_val = self.secure_cookie_serializer.serialize(self.user_cookie, uid)
response.set_cookie(self.user_cookie, cookie_val, httponly=True)
def destroy_auth_cookie(self, response):
response.delete_cookie(self.user_cookie)
def set_cookie(self):
cookie_val = self.request.cookies.get('uid', default = None)
serializer = SecureCookieSerializer(app_globals.secure_cookie_pass_phrase)
self.response.write('cookie value is %s (raw) & %s (deserialized)'%(cookie_val, serializer.deserialize('uid', cookie_val)))
current_time = gmtime()
self.response.set_cookie(key = 'uid', value = serializer.serialize('uid', 'lollolo'), path = '/',
expires = datetime(current_time.tm_year + app_globals.login_cookie_expiry, current_time.tm_mon, current_time.tm_mday))
self.response.write('----------------------------------')
class CookieHelper():
cookie = None
max_age_dir = {}
def __init__(self, secret_key=None):
if secret_key:
self.cookie = SecureCookieSerializer(secret_key)
else:
self.cookie = SecureCookieSerializer(SECRET_KEY)
def _serialize(self, name, value):
return self.cookie.serialize(name, value)
def _deserialize(self, name, value, max_age=None):
return self.cookie.deserialize(name, value, max_age=None)
def get(self, controller, name, encrypted=True):
value = controller.request.cookies.get(name)
max_age = None
if name in self.max_age_dir:
max_age = self.max_age_dir[name]
if encrypted:
return self._deserialize(name, value, max_age)
return value
def write(self,
controller,
name,
value,
max_age=None,
path='/',
domain=None,
secure=False,
encrypted=True):
# Saves a cookie in the client.
if encrypted:
value = self._serialize(name, value)
if max_age:
self.max_age_dir[name] = max_age
controller.response.set_cookie(name,
value,
max_age=max_age,
path=path,
domain=domain,
secure=secure)
def delete(self, controller, name):
# Deletes a cookie previously set in the client.
controller.response.delete_cookie(name)
def unset(self, controller, name):
# Cancels a cookie previously set in the response.
controller.response.unset_cookie(name)
def get_user_or_none(cls, req):
"""
actual method that return the user or ``None``
:param req:
:return:
"""
uid = None
ut = None
# # in case it's test. use remote user.
# if 'REMOTE_USER' in req.environ and cls.__config_file.DEBUG:
# token = req.environ['REMOTE_USER']
# uid, ut = token.split("Token")[1].split("|")
# even if in test, but the remote user is not found. then...
if not uid and not ut:
token = req.headers.get("Authorization")
if token:
ret_token = token.split("Token")[1]
if not ret_token:
return None
uid, ut = ret_token.split("|")
else:
scs = SecureCookieSerializer(cls.__config_file.API_APP_CFG[cls.__app_name]['SECRET_KEY'])
token = req.cookies.get('gc_token')
if token:
token_des = scs.deserialize('Token', token)
if not token_des:
return None
uid, ut = token_des.split("|")
else:
return None
if uid and ut:
# user = memcache.get("%s|%s" % (uid, ut))
# if user:
# return user
# else:
if cls.__user_model.validate_auth_token(long(uid), ut):
user = cls.__user_model.get_by_auth_token(long(uid), ut)[0]
return user
# store in memcace for 1 week
# memcache.set("%s|%s" % (uid, ut), user, time=60 * 24 * 7)
return None
class BaseHandler(webapp2.RequestHandler):
def initialize(self, request, response):
super(BaseHandler, self).initialize(request, response)
# initialise with secret key
self.cookie_serializer = SecureCookieSerializer(SECRET)
def write(self, *args, **kwgs):
self.response.out.write(*args, **kwgs)
def render_str(self, template, **params):
t = env.get_template(template)
return t.render(**params)
def render(self, template, **params):
self.write(self.render_str(template, **params))
def get_cookie(self):
user_cookie = self.request.cookies.get('userid')
if user_cookie:
user_cookie = self.cookie_serializer.deserialize(
'userid',
user_cookie
)
if not user_cookie:
# invalid cookie signature
return None, ''
user_id, username = user_cookie.split('|')
user_id = int(user_id)
return user_id, username
else:
return None, ''
def get_user(self):
user_id, username = self.get_cookie()
logging.info('get_user -> {}, {}'.format(user_id, username))
if not user_id:
# no logged in user cookie
return None, None
user = User.get_by_id(user_id)
return user_id, user
