    def authenticate_and_call(*args, **kwargs):
        """Gate ``func`` behind three ordered checks and forward the call.

        The checks run in this order and the first failure wins:
        token validity (401), hackathon name (400), admin privilege (403).
        Only when all three pass is ``func(*args, **kwargs)`` returned.
        """
        gates = (
            (user_manager.validate_token,
             lambda: unauthorized("login required")),
            (hack_manager.validate_hackathon_name,
             lambda: bad_request("hackathon name invalid")),
            (admin_manager.validate_admin_privilege_http,
             lambda: forbidden("access denied")),
        )
        for passed, reject in gates:
            if not passed():
                return reject()
        return func(*args, **kwargs)
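    def __db_login(self, context):
        """Authenticate against the local user table and issue an API token.

        Args:
            context: request context; ``username`` and ``password`` are read
                via ``context.get``.  ``password`` is expected to arrive
                already encoded the same way ``User.password`` is stored,
                because the lookup below is a plain equality match.

        Returns:
            ``{"token": ..., "user": ...}`` on success, otherwise the
            ``unauthorized`` response.
        """
        username = context.get("username")
        enc_pwd = context.get("password")

        # NOTE(review): this is an equality match on the stored password
        # column.  Whatever encoding the client applies, the stored value must
        # be a salted hash rather than a reversible encoding -- confirm.
        user = User.objects(name=username, password=enc_pwd).first()
        if user is None:
            # Do not write the submitted credential to the log: log files are
            # routinely less protected than the user table, and a failed
            # attempt is often a near-miss of the real password.  Log only
            # the username.
            self.log.warn("invalid user/pwd login: username=%s" % username)
            return unauthorized("username or password error")

        user.online = True
        # login_times may be unset on a freshly created record.
        user.login_times = (user.login_times or 0) + 1
        user.save()

        token = self.__generate_api_token(user)
        return {"token": token.dic(), "user": user.dic()}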
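    def authing(self, context):
        """Log a user in with an Authing access token and issue an API token.

        Args:
            context: request context carrying the Authing login payload.  The
                fields read here are ``token``, ``username``, ``_id``,
                ``unionid``, ``registerMethod``, ``email``, ``emailVerified``,
                ``nickname``, ``photo``, ``loginsCount`` and
                ``tokenExpiredAt``.

        Returns:
            On success the request context merged with ``user.dic()``;
            otherwise an ``unauthorized`` or ``internal_server_error``
            response.

        Security notes (review):
            * Only ``token`` is checked against Authing.  Every identity field
              (``_id``, ``unionid``, ``registerMethod``, ``email``,
              ``emailVerified``) is taken from the request exactly as
              submitted, so a caller holding *any* valid Authing token can
              name another user's open_id/provider and be logged in as that
              user via ``__get_existing_user``.  Identity should be read from
              the validated response instead; the shape of ``validate_resp``
              is not visible here, so this is flagged rather than changed.
            * ``tokenExpiredAt`` is also client-supplied and sets the API
              token lifetime with no server-side ceiling.
            * The Authing access token is reused verbatim as the API token,
              and the whole request context (token included) is echoed back
              to the client.  Callers depend on that response shape, so it
              is left unchanged.
        """
        from urllib.parse import quote

        token = context.token
        username = context.username

        if not token or not username:
            self.log.info(
                "Unable to handle authing login request. Either token or "
                "username is empty. username: %s" % username)
            # Without this return the empty/None token was appended to the
            # validate URL below and the request carried on as a login.
            return unauthorized("Either token or username is empty")

        # validate access token.  The token is client-supplied: percent-encode
        # it so it cannot inject '/', '?' or '#' into the validation URL.
        self.log.info("Validate authing token for user %s" % username)
        validate_url = (get_config("login.authing.validate_token_url") +
                        quote(token, safe=""))
        validate_raw_resp = get_remote(validate_url)
        validate_resp = json.loads(validate_raw_resp)

        # Fail closed: a response missing "code" or "status" is treated as an
        # invalid token rather than raising KeyError into a 500.
        if (int(validate_resp.get("code", 0)) != 200
                or not bool(validate_resp.get("status", False))):
            self.log.info("Token invalid: %s" % validate_raw_resp)
            return unauthorized("Token invalid: %s" % validate_raw_resp)

        # Identity fields -- see the security note in the docstring: these come
        # from the request, not from the validated token.
        authing_id = context._id
        open_id = context.unionid
        provider = context.registerMethod
        if provider.startswith("oauth:"):
            # OAuth like github. registerMethod example: "oauth:github"
            provider = provider[len("oauth:"):]
        else:
            # Authing user: using authing_id as open_id
            open_id = authing_id

        email_list = [{
            "email": context.get("email", ""),
            "primary": True,
            "verified": bool(context.get("emailVerified", False))
        }]

        user = self.__get_existing_user(open_id, provider)
        if user is not None:
            # Prefer the submitted nickname, then the stored one, then the
            # login name, so the field never ends up empty.
            nickname = context.get("nickname", user.nickname) or user.name
            user.update(name=context.get("username", user.name),
                        nickname=nickname,
                        access_token=context.get("token", user.access_token),
                        avatar_url=context.get("photo", user.avatar_url),
                        authing_id=authing_id,
                        last_login_time=self.util.get_now(),
                        # may be unset on older records (same as __db_login)
                        login_times=(user.login_times or 0) + 1,
                        online=True)
        else:
            # loginsCount is client-supplied; a non-numeric value must not
            # turn into a 500.
            try:
                login_times = int(context.get("loginsCount", "1"))
            except (TypeError, ValueError):
                login_times = 1
            user = User(openid=open_id,
                        name=username,
                        provider=provider,
                        authing_id=authing_id,
                        nickname=context.nickname,
                        access_token=token,
                        avatar_url=context.get("photo", ""),
                        login_times=login_times,
                        online=True)

            try:
                user.save()
            except ValidationError as e:
                self.log.error(e)
                return internal_server_error("create user fail.")

        # Emails are attached only once the user row exists (update or save).
        for email in email_list:
            self.__create_or_update_email(user, email)

        # save API token.  One hour by default; the Authing payload may carry
        # its own expiry.  NOTE(review): that expiry is client-controlled and
        # unbounded here, and strptime with %z yields an aware datetime while
        # util.get_now() may be naive -- confirm both before relying on it.
        token_expire_date = self.util.get_now() + timedelta(hours=1)
        if "tokenExpiredAt" in context:
            try:
                token_expire_date = datetime.strptime(
                    context.tokenExpiredAt, '%a %b %d %Y %H:%M:%S GMT%z (CST)')
            except (TypeError, ValueError):
                self.log.warn(
                    "Unable to parse tokenExpiredAt: %s. Will use 1 hour as expiry."
                    % context.tokenExpiredAt)
        else:
            self.log.info(
                "tokenExpiredAt not included in authing response. Will use 1 hour as expiry."
            )

        user_token = UserToken(token=token,
                               user=user,
                               expire_date=token_expire_date)
        user_token.save()

        # Response shape is the request context merged with the user record;
        # see the docstring for why this is not narrowed here.
        resp = context.to_dict()
        resp.update(user.dic())
        return resp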
 def authenticate_and_call(*args, **kwargs):
     """Forward to ``func`` only when the caller's token validates.

     A failed ``user_manager.validate_token()`` yields the 401
     ``unauthorized("login required")`` response instead of calling ``func``.
     """
     if user_manager.validate_token():
         return func(*args, **kwargs)
     return unauthorized("login required")