def authenticateUserFromRESTRequest(self, request, payload=None):
     '''
     Manages the authentication process via REST.
     Reads the header fields that starts with "X-Auth-" and 
     call the proper methods to check the user authentication.
     '''
     username = request.headers.get("X-Auth-User")
     password = request.headers.get("X-Auth-Pass")
     #tenant = rrequest.headers.get("X-Auth-Tenant")
     
     token = request.headers.get("X-Auth-Token")
     
     if token is not None:
         return self.authenticateUserFromToken(token)
     
     elif payload is not None and 'username' in payload.keys() and 'password' in payload.keys():
         return self.authenticateUserFromCredentials(payload['username'], payload['password'], None)
     
     elif username is not None and password is not None: # and tenant is not None:
         return self.authenticateUserFromCredentials(username, password, None)
     
     raise wrongRequest('Wrong authentication request: send user/password or token')
    def head(self):
        """
        Test a token
        It checks the validity of the given token
        ---
        tags:
          - NF-FG
        parameters:
          - name: X-Auth-Token
            in: header
            description: Authentication token to be tested
            required: true
            type: string

        responses:
          200:
            description: Token is valid
          400:
            description: Bad request                     
          401:
           description: Login failed
          500:
            description: Internal Error                
        """          
        try:
            token = request.headers.get("X-Auth-Token")
        
            if token is not None:
                UserAuthentication().authenticateUserFromToken(token)
            else:
                raise wrongRequest('Wrong authentication request: expected X-Auth-Token in the request header')
            
            return ("Token is valid")
        
        # User auth request - raised by UserAuthentication().authenticateUserFromRESTRequest
        except wrongRequest as err:
            logging.exception(err)
            return ("Bad Request", 400)
                
        # User auth credentials - raised by UserAuthentication().authenticateUserFromRESTRequest
        except unauthorizedRequest as err:
            if request.headers.get("X-Auth-User") is not None:
                logging.debug("Unauthorized access attempt from user "+request.headers.get("X-Auth-User"))
            logging.debug(err.message)
            return ("Unauthorized", 401)
                
        # User auth credentials - raised by UserAuthentication().authenticateUserFromRESTRequest
        except UserTokenExpired as err:
            logging.exception(err)
            return (err.message, 401)

        # NFFG validation - raised by json.loads()
        except ValueError as err:
            logging.exception(err)
            return ("ValueError", 406)
        
        # No Results
        except UserNotFound as err:
            logging.exception(err)
            return ("UserNotFound", 404)
        except TenantNotFound as err:
            logging.exception(err)
            return ("TenantNotFound", 404)
        except NoResultFound as err:
            logging.exception(err)
            return ("NoResultFound", 404)
        except sessionNotFound as err:
            logging.exception(err)
            return ("sessionNotFound", 404)
        
        # Other errors
        except requests.HTTPError as err:
            logging.exception(err)
            return (str(err), 500)            
        except Exception as err:
            logging.exception(err)
            return (str(err), 500)