Exemplo n.º 1
0
def ensure_group_administrator():
    db = get_db()
    administrator = fetch_user_group('Administrator')
    permissions = administrator.permissions
    permissions.append(fetch_permission('concept:read'))
    permissions.append(fetch_permission('concept:write'))
    db.session.commit()
Exemplo n.º 2
0
def fetch_user_group(name: str):
    user_group = UserGroup.query.filter_by(name=name).first()
    if not user_group:
        db = get_db()
        user_group = UserGroup(name=name)
        db.session.add(user_group)
    return user_group
Exemplo n.º 3
0
def fetch_permission(name: str):
    permission = Permission.query.filter_by(name=name).first()
    if not permission:
        db = get_db()
        permission = Permission(name=name)
        db.session.add(permission)
    return permission
Exemplo n.º 4
0
def can_pass(condition, email, failure_message, failure_code=400):
    if condition():
        from flask import request
        from km.database import get_db
        from km.model import Authentication
        db = get_db()
        authentication = Authentication(email=email, ip_address=request.remote_addr, message=failure_message)
        db.session.add(authentication)
        db.session.commit()
        abort(failure_code, message=failure_message)
Exemplo n.º 5
0
def register():
    from km.database import get_db
    from km.model import User
    from km.model.user import fetch_user_group

    args = create_register_request_args.parse_args()
    hash_ = sha256()
    hash_.update(args['password'].encode('utf-8'))
    user = User(email=args['email'], password=hash_.hexdigest(), first_name=args['firstName'],
                last_name=args['lastName'])
    user.groups.append(fetch_user_group('User'))
    db = get_db()
    db.session.add(user)
    db.session.commit()

    return marshal(user, user_fields), 201
Exemplo n.º 6
0
def login():
    from km.model import User
    from km.database import get_db
    db = get_db()
    args = create_login_request_args.parse_args()
    if not args['email']:
        abort(401, message='Missing email.')
    can_pass(lambda: not args['password'], args['email'], 'Missing password', 401)

    password = sha256()
    password.update(args['password'].encode('utf-8'))

    user = User.query.filter_by(email=args['email'], password=password.hexdigest()).first()
    can_pass(lambda: not user, args['email'], 'E-Mail or password is wrong.', 401)

    token, refresh_token, expires = generate_token(user)

    return jsonify(
        {"access_token": token, 'refresh_token': refresh_token, "expires_at": datetime_to_unixtimestamp(expires)}), 200
Exemplo n.º 7
0
def generate_token(user) -> tuple:
    from flask import request, current_app
    from km.database import get_db
    from km.model import Authentication

    now = now_()
    expires = now + expiration_timespan
    refresh_token = create_refresh_token()
    auth = Authentication(email=user.email, ip_address=request.remote_addr, refresh_token=refresh_token,
                          success=True, expires=expires)
    print(f"\nNew {now}+{expiration_timespan} = {expires}", flush=True)
    db = get_db()
    db.session.add(auth)
    db.session.commit()

    return (jwt.encode(
        {'sub': user.email, 'exp': expires, 'aud': current_app.config['JWT_AUDIENCE'], 'iat': now,
         'permissions': user.permissions},
        current_app.config['PRIVATE_KEY'],
        algorithm='RS256'), refresh_token, expires)
Exemplo n.º 8
0
def ensure_group_user():
    db = get_db()
    user = fetch_user_group('User')
    permissions = user.permissions
    permissions.append(fetch_permission('concept:read'))
    db.session.commit()