Exemplo n.º 1
0
    def user_by_email(self):
        email = flask.request.args.get('email', None)
        if email is None:
            return build_response(
                {
                    'error':
                    400,
                    'name':
                    'MissingEmailError',
                    'description':
                    'The email needs to be provided as a get parameter: email=...'
                }, 400, [('Content-Type', 'application/json')])

        try:
            user = nova.user.User(email=email)
            return self.user_response(user)
        except nova.exceptions.UserNotFoundError as e:
            return build_response(
                {
                    'error':
                    404,
                    'name':
                    'UserNotFound',
                    'description':
                    'Could not find the user with email "' + email + '".'
                }, 404, [('Content-Type', 'application/json')])
Exemplo n.º 2
0
    def salt(self):
        email = flask.request.args.get('email', None)
        if email is None:
            return build_response(
                {
                    'error':
                    400,
                    'name':
                    'ParameterError',
                    'message':
                    'The email of the user needs to be provided as a parameter.'
                }, 400, [('Content-Type', 'application/json')])

        user = nova.user.User(email=email)

        if user.salt is None:
            return build_response(
                {
                    'error': 404,
                    'name': 'UserNotFound',
                    'message': 'Could not find the requested user\'s salt.'
                }, 404, [('Content-Type', 'application/json')])

        return build_response({'salt': user.salt}, 200,
                              [('Content-Type', 'application/json')])
Exemplo n.º 3
0
    def verify(self):
        email = flask.request.args.get('email', None)
        verification_code = flask.request.args.get('verification_code', None)

        user = nova.user.User(email=email)
        try:
            user.verify(verification_code)
        except nova.exceptions.VerificationNotFoundError as e:
            return build_response(
                {
                    'error':
                    404,
                    'name':
                    'VerificationDataNotFound',
                    'description':
                    'Could not find the verification data for this email.'
                }, 404, [{'Content-Type', 'application/json'}])

        if not user.verified:
            return build_response(
                {
                    'error':
                    403,
                    'name':
                    'VerificationError',
                    'description':
                    'Verification for user with email ' + email + ' failed.'
                }, 403, [{'Content-Type', 'application/json'}])

        return build_response({}, 200, [{'Content-Type', 'application/json'}])
Exemplo n.º 4
0
    def create(self):
        email = flask.request.form.get('email', None)
        password = flask.request.form.get('password', None)

        user = nova.user.User()
        try:
            user.create(email, password)
        except nova.exceptions.ParameterError as e:
            return build_response(
                {
                    'error': 400,
                    'name': 'MissingEmailOrPassword',
                    'description': e.message
                }, 400, [('Content-Type', 'application/json')])

        if REQUIRE_VERIFY_EMAIL:
            verification_code = uuid.uuid4().hex

            try:
                verification_code = user.create_verification_code()
            except nova.exceptions.DatabaseWriteError as e:
                return build_response(
                    {
                        'error':
                        500,
                        'name':
                        'VerificationEmailError',
                        'description':
                        'Could not create the verification code for this user. Please try again.'
                    }, 400, [('Content-Type', 'application/json')])

            verification_link = flask.request.url_root[:-1] + flask.url_for(
                'auth.verify',
                verification_code=verification_code,
                email=user.email)

            novamail = nova.email.Email(user.email)
            try:
                novamail.send_verification_email(verification_link)
            except nova.exceptions.EmailConnectionFailed as e:
                return build_response(
                    {
                        'error':
                        500,
                        'name':
                        'EmailConnectionFailed',
                        'description':
                        'Could not connect to the internal mail delivery system.'
                    }, 500, [('Content-Type', 'application/json')])

            return build_response({
                'userid': user.userid,
                'email': user.email
            }, 200, [('Content-Type', 'application/json')])
        else:
            return build_response({
                'userid': user.userid,
                'email': user.email
            }, 200, [('Content-Type', 'application/json')])
Exemplo n.º 5
0
    def _auth_basic(self):
        email = flask.request.form.get('email', None)
        password = flask.request.form.get('password', None)

        user = nova.user.User(email=email)
        pass_valid = user.password_valid(password)

        if pass_valid:
            return build_response({}, 200, [])
        else:
            return build_response(
                {
                    'error': 401,
                    'name': 'InvalidCredentials',
                    'message':
                    'The provided credentials could not be verified.'
                }, 401, [('Content-Type', 'application/json')])
Exemplo n.º 6
0
 def user_response(self, user):
     return build_response(
         {
             'email': user.email,
             'fingerprint': user.fingerprint,
             'salt': user.salt,
             'role': user.role,
             'userid': user.userid,
             'verified': user.verified
         }, 200, [('Content-Type', 'application/json')])
Exemplo n.º 7
0
 def user_by_id(self, userid):
     try:
         user = nova.user.User(userid=userid)
         return self.user_response(user)
     except nova.exceptions.UserNotFoundError as e:
         return build_response(
             {
                 'error':
                 404,
                 'name':
                 'UserNotFound',
                 'description':
                 'Could not find the user with id "' + userid + '".'
             }, 404, [('Content-Type', 'application/json')])
Exemplo n.º 8
0
    def _auth_oauth(self):
        grant_type = flask.request.form.get('grant_type', None)
        client_id = flask.request.form.get('client_id', None)
        client_secret = flask.request.form.get('client_secret', None)
        email = flask.request.form.get('email', None)
        password = flask.request.form.get('password', None)
        refresh_token = flask.request.form.get('refresh_token', None)

        if grant_type is None or client_id is None or client_secret is None:
            return build_response(
                {
                    'error':
                    'invalid_request',
                    'error_description':
                    'grant_type, client_id and client_secret need to be defined as request parameters.'
                }, 400, [('Content-Type', 'application/json')])

        try:
            provider = self._provider_storage.get(client_id)
        except web.mod_auth.exceptions.ProviderNotDefined as e:
            return build_response(
                {
                    'error': 'invalid_client',
                    'error_description':
                    'No client found with the provided id.'
                }, 400, [('Content-Type', 'application/json')])

        try:
            access_token, refresh_token = provider.authenticate(
                client_secret,
                grant_type,
                email=email,
                password=password,
                refresh_token=refresh_token)
        except web.mod_auth.exceptions.WrongClientSecret as e:
            return build_response(
                {
                    'error':
                    'invalid_client',
                    'error_description':
                    'The provided client secret does not match the provided client id.'
                }, 400, [('Content-Type', 'application/json')])
        except web.mod_auth.exceptions.WrongGrantType as e:
            return build_response(
                {
                    'error':
                    'unsupported_grant_type',
                    'error_description':
                    'The provided grant type is not supported.'
                }, 400, [('Content-Type', 'application/json')])
        except web.mod_auth.exceptions.UserCredentialsError as e:
            return build_response(
                {
                    'error':
                    'invalid_grant',
                    'error_description':
                    'The provided user credentials do not match anything.'
                }, 400, [('Content-Type', 'application/json')])

        return build_response(
            {
                'access_token': access_token,
                'token_type': 'Bearer',
                'expires_in': 3600,
                'refresh_token': refresh_token
            }, 200, [('Content-Type', 'application/json'),
                     ('Cache-Control', 'no-store'), ('Pragma', 'no-cache')])
Exemplo n.º 9
0
 def _response(self, data, code, headers=[]):
     return build_response(data, code,
                           headers + [('Content-Type', 'application/json')])