Exemplo n.º 1
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        token_auth = HTTPTokenAuth('MyToken')
        multi_auth = MultiAuth(basic_auth, token_auth)

        def verify_password(username, password):
            return username == 'john' and password == 'hello'

        def verify_token(token):
            return token == 'this-is-the-token!'

        def error_handler():
            return 'error', 401, {'WWW-Authenticate': 'MyToken realm="Foo"'}

        def index():
            return 'index'

        def auth_route():
            return 'access granted'

        self.app = app
        self.client = app.test_client()
Exemplo n.º 2
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        token_auth = HTTPTokenAuth('MyToken')
        custom_token_auth = HTTPTokenAuth(header='X-Token')
        multi_auth = MultiAuth(basic_auth, token_auth, custom_token_auth)

        def verify_password(username, password):
            if username == 'john' and password == 'hello':
                return 'john'

        def get_basic_role(username):
            if username == 'john':
                return ['foo', 'bar']

        def verify_token(token):
            return token == 'this-is-the-token!'

        def get_token_role(auth):
            if auth['token'] == 'this-is-the-token!':
                return 'foo'

        def error_handler():
            return 'error', 401, {'WWW-Authenticate': 'MyToken realm="Foo"'}

        def verify_custom_token(token):
            return token == 'this-is-the-custom-token!'

        def get_custom_token_role(auth):
            if auth['token'] == 'this-is-the-custom-token!':
                return 'foo'

        def index():
            return 'index'

        def auth_route():
            return 'access granted:' + str(multi_auth.current_user())

        def auth_role_route():
            return 'role access granted'

        self.app = app
        self.client = app.test_client()
Exemplo n.º 3
 def __init__(self):
     """Creates access control class for authentication and authorization."""
     self._basic_auth = HTTPBasicAuth()
     self._token_auth = HTTPTokenAuth()
     self._auth = MultiAuth(self._basic_auth, self._token_auth)
     self._resources = {}
Exemplo n.º 4
from util.user import basic_login, get_user_token, is_valid_token, create_token

app = Flask(__name__)
# configure socket to the application
socketio = SocketIO(app)
# Set CORS options on app configuration
app.config['CORS_HEADERS'] = "Content-Type"
app.config['CORS_RESOURCES'] = {r"/*": {"origins": "*"}}
sentry = None
if os.environ.get('SENTRY_DSN'):
    sentry = Sentry(app, dsn=os.environ.get('SENTRY_DSN'))
    app.debug = True
token_auth = HTTPTokenAuth(scheme='Token')
basic_auth = HTTPBasicAuth()
multi_auth = MultiAuth(HTTPBasicAuth, HTTPTokenAuth)

def get_app():
    return app

def verify_token(token):
    g.user_id = None
        is_valid = is_valid_token(token)

        return is_valid
        return False
Exemplo n.º 5
from flask import g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
import models

# itsdangerous handles all of the token work i.e json web tokens
# httpbasicauth makes it that you do not need javascript for any of this
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(token_auth, basic_auth) # looks at the first thing first

def verify_password(email_or_username, password):
        user = models.User.get(
            (models.User.email==email_or_username) |
        if not user.verify_password(password):
            return False
    except models.User.DoesNotExist:
        return False
        g.user = user
        return True

def verify_token(token):
    user = models.User.verify_auth_token(token)
    if user is not None:
        g.user = user
        return True
Exemplo n.º 6

app = Flask(__name__)
api = Api(app)
#import config
db = SQLAlchemy(app)

basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Bearer')
multi_auth = MultiAuth(basic_auth, token_auth)

parser = reqparse.RequestParser()
parser.add_argument('auth_key', type=str)
parser.add_argument('auth_value', type=str)

tokens = {}

def create_token(api_user):
    :param api_user:用户id
    :return: token
Exemplo n.º 7

import time

import random
from flask import Flask, request
from flask_httpauth import HTTPBasicAuth, HTTPDigestAuth, MultiAuth
from gevent.pywsgi import WSGIServer

from tests.config import TEST_PORT, USER

app = Flask(__name__)
basic_auth = HTTPBasicAuth()
digest_auth = HTTPDigestAuth()

auth = MultiAuth(digest_auth, basic_auth)
app.config['SECRET_KEY'] = 'secret'

def get_pw(username):
    if username in USER['user']:
        return USER['password']
        from tests import test_benchs
        test_benchs.local_server_exception.append('No auth')
        return None

def get_pw(username):
Exemplo n.º 8
from flask_sqlalchemy import SQLAlchemy
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
from flask_migrate import Migrate
from flask_sqlalchemy.model import BindMetaMixin, Model
from sqlalchemy.ext.declarative import DeclarativeMeta, declarative_base

class NoNameMeta(BindMetaMixin, DeclarativeMeta):

# Disable Table Name Generation
db = SQLAlchemy(model_class=declarative_base(
    cls=Model, metaclass=NoNameMeta, name='Model'))
basic_auth = HTTPBasicAuth()
auth = HTTPTokenAuth('Bearer')
multi_auth = MultiAuth(basic_auth, auth)
migrate = Migrate()
Exemplo n.º 9
#!/usr/bin/env python3

from flask import Flask
from flask import g
from flask_httpauth import HTTPBasicAuth
from flask_httpauth import HTTPDigestAuth
from flask_httpauth import MultiAuth
from werkzeug.security import generate_password_hash, check_password_hash

APP = Flask(__name__)
APP.config['SECRET_KEY'] = 'secret'


def verify_password(username, password):
    g.user = username
    return username == 'username' and check_password_hash(
        generate_password_hash('password'), password)

def get_pw(username):
    if username == 'username':
        g.user = username
        return 'password'

    return None
from flask import g

from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth

import models

bask_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(token_auth, bask_auth)

def verify_password(email_or_username, password):
        user = models.User.get((models.User.email == email_or_username)
                               | (models.User.username == email_or_username))
        if not user.verify_password(password):
            return False
    except models.User.DoesNotExist:
        return False
        g.user = user
        return True

def verify_token(token):
    user = models.User.verify_auth_token(token)
    if user is not None:
        g.user = user
        return True
Exemplo n.º 11
from .exceptions import BackendError, ProcessingError
from .version import __version__  # noqa
from .views import MEDIA_TYPE_TAXII_V20

# Console Handler for medallion messages
ch = logging.StreamHandler()

# Module-level logger
log = logging.getLogger(__name__)

jwt_auth = HTTPTokenAuth(scheme='JWT')
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(None)

def set_multi_auth_config(main_auth, *additional_auth):
    type_to_app = {'jwt': jwt_auth, 'api_key': token_auth, 'basic': basic_auth}

    auth.main_auth = type_to_app[main_auth]
    additional_auth = [a for a in additional_auth if a != main_auth]
    auth.additional_auth = tuple(
        type_to_app[a] for a in tuple(OrderedDict.fromkeys(additional_auth)))

def set_auth_config(flask_application_instance, config_info):
    with flask_application_instance.app_context():
        log.debug("Registering medallion users configuration into {}".format(
Exemplo n.º 12
from flask import g

from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth

import models

basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(token_auth, basic_auth)  # Tries token, then basic

def verify_password(email_or_username, password):
        user = models.User.get((models.User.email == email_or_username)
                               | (models.User.username == email_or_username))
        if not user.verify_password(password):
            return False
    except models.User.DoesNotExist:
        return False
        g.user = user
        return True

def verify_token(token):
    user = models.User.verify_auth_token(token)
    if user is not None:
        g.user = user
        return True
Exemplo n.º 13
from flask import g, jsonify
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
from ..models import User
from . import api
from .errors import unauthorized, forbidden

basicAuth = HTTPBasicAuth()
tokenAuth = HTTPTokenAuth(scheme='Bearer')
multiAuth = MultiAuth(basicAuth, tokenAuth)

def verify_password(email, pin):
    if email != '':
        user = User.query.filter_by(email=email.lower()).first()
        if not user:
            return False
        g.current_user = user
        g.token_used = False
        return user.verify_password(pin)
    if pin == '':
        return False
    for user in User.query.all():
        if user.verify_pin(pin):
            temp = user
            g.current_user = temp
            g.token_used = False
            return True
    return False

Exemplo n.º 14
        r"/api/*": {
            "origins": "*"

# from .model.UAC import UserMod, URoleMod, UGroupMod, roles_users, gps_users

# Flask-Security
# user_datastore = SQLAlchemyUserDatastore(db, UserMod, URoleMod)
# security = Security().init_app(app, user_datastore, register_blueprint=False)

baseauth = HTTPBasicAuth()
tokenauth = HTTPTokenAuth(scheme='Bearer')
auth = MultiAuth(baseauth, tokenauth)

def index():
    return render_template('index.html')

d = rt_conf.copy()
if d['APIService'] is not None:
    if d['APIService']['SQL']:
        del d['APIService']['SQL']

    if str(d['APIService']['ServerConfig']['host']) == '' or \
      str(d['APIService']['ServerConfig']['host']) == '' or\
      str(d['APIService']['ServerConfig']['host']) == 'host':
Exemplo n.º 15
import os
import random
import requests
import smtplib
import string
import sys
import timestring
import zerorpc

# custom files - rsappapi.py uses these files
import constants
import stripe_process

auth = HTTPBasicAuth()
tokenauth = HTTPTokenAuth("Bearer")
multiauth = MultiAuth(auth, tokenauth)
app = Flask(__name__)
# Lines above are copied from the file (from rsappapi.py
#  for the example below) that has the function to test.

# https://docs.python.org/2/library/unittest.html - for more info
import unittest

# RSAPPAPI_IMPORTS - import function to test.
from rsappapiFunc import get_scan_alerts

OK200 = "[200 OK]"
NF404 = "[404 Not Found]"
LK423 = "[423 Locked]"
Exemplo n.º 16
class Auth():
    Authorization via basic auth or bearer token. Call methods as decorators.

    :var     basic_auth: Authorization via basic auth
    :vartype basic_auth: flask_httpauth.HTTPBasicAuth
    :var     token_auth: Authorization via bearer token
    :vartype token_auth: flask_httpauth.HTTPTokenAuth
    :var     multi_auth: Authorization via basic auth or bearer token
    :vartype multi_auth: flask_httpauth.MultiAuth
    basic_auth = HTTPBasicAuth()
    token_auth = HTTPTokenAuth('Bearer')
    multi_auth = MultiAuth(basic_auth, token_auth)

    def verify_password(username, password):
        Verify user password in basic auth. Called this method in use of
        @basic_auth.login_required or @multi_auth.login_required decorators

        :param username: User login
        :type  username: str
        :param password: User password
        :type  password: str
        :return: True if the password matched, False otherwise
        :rtype:  bool
        user = User.query.filter_by(username=username).first()
        if not user or not user.verify_password(password):
            return False
        # Insert authorized user in Flask g object
        g.user = user
        return True

    def verify_token(token):
        Verify user password in bearer token auth. Called this method in use of
        @token_auth.login_required or @multi_auth.login_required decorators

        :param token: Bearer token
        :type  token: str
        :return: True if the token matched, False otherwise
        :rtype:  bool
        user = User.verify_auth_token(token)
        if not user:
            return False
        # Insert authorized user in Flask g object
        g.user = user
        return True

    def unauthorized():
        Return error JSON in 401 response if authorization is failed
        abort(401, message="Unauthorized access")
Exemplo n.º 17
Authentication functions for the iffSamples RESTful API.

import flask

from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth

from sampledb.logic.authentication import login, login_via_api_token
from sampledb.logic.object_permissions import Permissions
from sampledb.utils import object_permissions_required as object_permissions_required_generic

__author__ = 'Florian Rhiem <*****@*****.**>'

http_basic_auth = HTTPBasicAuth()
http_token_auth = HTTPTokenAuth(scheme='Bearer')
multi_auth = MultiAuth(http_basic_auth, http_token_auth)

def verify_token(api_token):
    if not api_token:
        return None
    flask.g.user = login_via_api_token(api_token)
    return flask.g.user

def verify_password(username, password):
    if not username:
        return None
    flask.g.user = login(username, password)
Exemplo n.º 18
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
from flask_restful import Resource, Api
from flask_cors import CORS
import sqlalchemy
from itsdangerous import TimedJSONWebSignatureSerializer as JSONSigSerializer
from werkzeug.security import generate_password_hash, check_password_hash

db = None  # call initialize() to fill these up
serializer = None  # this one is used for the token auth

# Set up the authentication (see https://flask-httpauth.readthedocs.io/).

auth_basic = HTTPBasicAuth()
auth_token = HTTPTokenAuth('Bearer')
auth = MultiAuth(auth_basic, auth_token)

def verify_password(usernameOrEmail, password):
    res = dbget('id,password', 'users where username=? or email=?',
        (usernameOrEmail, usernameOrEmail))
    if len(res) == 1:
        g.user_id = res[0]['id']
        return check_password_hash(res[0]['password'], password)
        return False

def verify_token(token):
        g.user_id = serializer.loads(token)
Exemplo n.º 19
            insert('loginhistory', {
                'username': username,
                'createdate': createdate

            return True
        except Exception as e:
            return str(e)
    except Exception as e:
        return str(e)

# 基本认证
auth = HTTPBasicAuth()
authtoken = HTTPTokenAuth()
authmulti = MultiAuth(auth, authtoken)

def verify_pw(username, pwd):
    haveauser = findeuser("users", {'username': username}, 'username', 'pwd')
    if haveauser[-1]['len'] != 0:
        if verify_password(pwd, haveauser[0]['pwd']):
            return True
    return None

def verify_token(token):
    if userverify_token(token):
        logined = findeuser('loginedtoken', {'token': token}, 'username')
Exemplo n.º 20
from flask import g

from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth

import models

basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(token_auth, basic_auth)

def verify_password(username_or_token, password):
    user = models.User.verify_auth_token(username_or_token)
    if not user:
        user = models.User.get((models.User.email == username_or_token)
                               | (models.User.username == username_or_token))
        if not user or not user.verify_password(password):
            return False
    g.user = user
    return True

def verify_token(token):
    user = models.User.verify_auth_token(token)
    if user is not None:
        g.user = user
        return True
    return False
from flask import g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth

import models

basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(token_auth,
                 basic_auth)  # try token_auth first, and then try basic_auth

def verify_password(email_or_username, password):
        user = models.User.get((models.User.email == email_or_username)
                               | (models.User.username == email_or_username))
        if not user.verify_password(password):
            return False
    except models.User.DoesNotExist:
        return False
        g.user = user
        return True

def verify_token(token):
    user = models.User.verify_auth_token(token)
    if user is not None:
        g.user = user
        return True
Exemplo n.º 22
from flask import Flask, abort, request, jsonify, g, url_for
from .user_model import db, User
from . import user_controller 
from . import rule_controller
from . import engine_controller
from time import gmtime, strftime
import datetime
from flask_httpauth import HTTPTokenAuth,HTTPBasicAuth,MultiAuth

def health():
        return user_controller.get_health()

auth = HTTPBasicAuth()
auth_token = HTTPTokenAuth('Bearer')
multi_auth = MultiAuth(auth, auth_token) 

def verify_password(username_or_token, password):
    return user_controller.test_password(username_or_token, password)

def verify_token(username_or_token):
    return user_controller.test_token(username_or_token)

@app.route('/api/users', methods=['POST'])
def add_new_user():
    return user_controller.new_user()

Exemplo n.º 23
# initialization
app = Flask(__name__)
app.config['SECRET_KEY'] = 'the quick brown fox jumps over the lazy dog'
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///db.sqlite'

# app.config['LDAP_HOST'] = 'ldap.example.com'
# app.config['LDAP_DOMAIN'] = 'example.com'
# app.config['LDAP_AUTH_TEMPLATE'] = 'login.html'
# app.config['LDAP_PROFILE_KEY'] = 'employeeID'

# extensions
db = SQLAlchemy(app)
auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Bearer')
multi_auth = MultiAuth(auth, token_auth)
# ldap = LDAP(app)

class User(db.Model):
    __tablename__ = 'users'
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(32), index=True)
    password_hash = db.Column(db.String(64))

    def hash_password(self, password):
        self.password_hash = pwd_context.encrypt(password)

    def verify_password(self, password):
        return pwd_context.verify(password, self.password_hash)
Exemplo n.º 24
		return False
		verifed_payload = jwt.decode(access_token, JWT_SALT, True, verify_exp=False)
	except exceptions.ExpiredSignatureError as e:#exp超时就停止验证
		tokenauth.error_handler(return_error('SIGN_ERROR', e).__repr__)	
		return False
	except jwt.DecodeError as e:#header,payload(base64双数据字符),crypto格式不对
		tokenauth.error_handler(return_error('SIGN_ERROR', e).__repr__)	
		return False
	except jwt.InvalidTokenError as e:#格式是对的,header,payload,crypto对不上
		tokenauth.error_handler(return_error('SIGN_ERROR', e).__repr__)	
		return False
	return True

# multiauth = MultiAuth(baseauth,tokenauth)
multiauth = MultiAuth(tokenauth, baseauth)

def create_token(user, expires=300):
	headers = {
	payload = {
	'iat': datetime.datetime.now(),
	'exp': datetime.datetime.utcnow() + datetime.timedelta(seconds=expires)#jwt解码时datetime.utcnow()
Exemplo n.º 25
from flask import Flask, logging, jsonify, request, make_response
from flask_sqlalchemy import SQLAlchemy
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, HTTPDigestAuth, MultiAuth

from config import config

db = SQLAlchemy()
token_auth = HTTPTokenAuth()
multi_auth = MultiAuth(token_auth)

def create_app(config_name):
    app = Flask(__name__)
    app.config.from_object(config.get(config_name) or config['default'])


    from app.main import main_bp
    from app.auth import auth_bp
    from app.user import user_bp
    from app.redis_db import redis_db_bp
    from app.redis_server import redis_server_bp

    app.register_blueprint(main_bp, url_prefix='/')
    app.register_blueprint(auth_bp, url_prefix='/auth')
    app.register_blueprint(user_bp, url_prefix='/user')
    app.register_blueprint(redis_server_bp, url_prefix='/redis_server')