Exemplo n.º 1
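def create(session, topic_name=None):
    """ Create a new topic for the currently logged-in user.

        The parameters are as follows:

            'session'

                The login session identifying the caller.  It is validated via
                sessionHandler, and the owning user is looked up from it.

            'topic_name'

                The desired name for the topic.  If this is None or the empty
                string, a random 4-6 character name that is unused for this
                user is generated instead.

        Upon completion, we return the new topic as a dictionary, as built by
        Topic.to_dict().

        We raise UnauthorizedException unconditionally while topic creation is
        disabled (see below).  Once re-enabled, we raise
        InvalidParametersException if no session is supplied, and
        DuplicateTopicNameException if the user already has a topic with the
        given name.
    """
    # Topic creation is currently switched off: this raise makes everything
    # below unreachable.  When re-enabling, remove only this line -- the
    # session validation that follows is what authorises the caller.
    raise UnauthorizedException() # Disable for now.

    if session is None:
        raise InvalidParametersException()

    sessionHandler.validate(session)

    user = sessionHandler.get_user(session)

    if topic_name == "": topic_name = None

    if topic_name is None:
        # Create a new random name for this topic, retrying until we find one
        # this user has not already used.
        while True:
            topic_name = utils.random_letters_and_digits(min_length=4,
                                                         max_length=6)
            if not Topic.objects.filter(user=user,name=topic_name).exists():
                break

    # Caller-supplied and generated names go through the same validation.
    _check_topic_name(topic_name)

    # Use exists() rather than get(): it reports a duplicate even if more than
    # one matching row is present, instead of failing with an unrelated error.
    if Topic.objects.filter(user=user, name=topic_name).exists():
        raise DuplicateTopicNameException()

    # NOTE(review): the duplicate check above and the save() below are not
    # atomic, so two concurrent requests could both pass the check.  Confirm
    # the Topic model enforces uniqueness of (user, name) at database level.
    topic = Topic()
    topic.user          = user
    topic.name          = topic_name
    topic.active        = True
    topic.num_views     = 0
    topic.hide_username = False
    topic.hidden_url    = hiddenURLs.generate(user) # URL for user, not topic.
    topic.save()

    return topic.to_dict()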
Exemplo n.º 2
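def login(username, password=None, pass_hash=None, session_length=72):
    """ Attempt to log in with the given credentials.

        The parameters are as follows:

            'username'

                The username for the user we are attempting to log in as.

            'password'

                If logging in using a plaintext password, this should be set to
                the password value and 'pass_hash' should be set to None.

            'pass_hash'

                If logging in using a hashed password, this should be set to
                the password hash, and 'password' should be set to None.

                Note that the hash is accepted in place of the password, so
                anything that stores or transmits it must protect it as
                carefully as the password itself.

            'session_length'

                How long the login session should remain valid for, in hours.

        We attempt to log in to the 3taps Identity API using the given username
        and password or password hash.  The login session will last for the
        given number of hours.

        Exactly one of 'password' and 'pass_hash' must be supplied.  This is
        checked before the identity API is contacted.

        Note that this function encapsulates both parts of the two-step login
        process required by the 3taps Identity API.

        Upon completion, we return a (success, response) tuple, where 'success'
        is True if we successfully logged in, and False otherwise.

        If the login attempt was successful, 'response' will be a dictionary
        with the following entries:

            'session_token'

                The session token used for this login session.

            'server_salt'

                The server salt value used by the 3taps Identity API for this
                user.

        If the login attempt failed, 'response' will be a string indicating
        what went wrong.
    """
    # Reject calls that supply neither or both credentials up front, so that a
    # call which cannot succeed never opens a login session on the server.

    if (password is None) == (pass_hash is None):
        return (False, "Password or password hash required")

    # Call identity/login to start the login process.

    success,response = call_api("login", {'username' : username})
    if not success: return (False, response)

    # NOTE(review): json.loads() and the key lookups below raise on a malformed
    # or incomplete response rather than returning a (False, message) tuple.

    session = json.loads(response)

    # Calculate the hashed version of the password to send to the identity API.

    # NOTE(review): the client salt acts as a per-login nonce; confirm that
    # utils.random_letters_and_digits() draws from a cryptographically secure
    # source rather than the default 'random' generator.

    client_salt = utils.random_letters_and_digits(min_length=10,
                                                  max_length=20)

    # SECURITY: MD5 is a fast hash and offers little resistance to offline
    # password guessing.  The scheme is presumably fixed by the identity API's
    # login protocol, so it is kept as-is here; do not reuse it elsewhere, and
    # rely on the transport (TLS) to protect these values in transit.

    if pass_hash is None:
        pass_hash = hashlib.md5(password + session['server_salt']).hexdigest()

    # Named 'salted_hash' rather than 'hash' to avoid shadowing the builtin.

    salted_hash = hashlib.md5(pass_hash + client_salt).hexdigest()

    # Finally, authenticate this session.

    params = {'session_token'  : session['session_token'],
              'session_length' : session_length,
              'client_salt'    : client_salt,
              'hash'           : salted_hash}

    success,response = call_api("authenticate", params)
    if not success: return (False, response)

    return (True, session)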