Пример #1
0
def isLoggedIn(request):
    from authentication.models import Credential
    credentialId = request.GET.get('credentialId')
    secretKey = request.GET.get('secretKey')
    if credentialId and secretKey and Credential.validate(credentialId, secretKey):# and Credential.objects.get(partyId=credentialId).partyId.partyType=='phoenix':
        return True
    return False
Пример #2
0
def isPhoenix(request):
    from authentication.models import Credential
    credentialId = request.GET.get('credentialId')
    secretKey = request.GET.get('secretKey')
    if credentialId and secretKey and Credential.validate(credentialId, secretKey):
        return True
    return False
Пример #3
0
def isPhoenix(request):
    from authentication.models import Credential
    credentialId = request.GET.get('credentialId')
    secretKey = request.GET.get('secretKey')
    if credentialId and secretKey and Credential.validate(
            credentialId, secretKey):
        return True
    return False
Пример #4
0
 def authentication(loginKey, partyId, url, partnerId, hostUrl, apiKey):
     if not AccessType.checkHasAccessRule(url, "Login", partnerId):
         # does not have Login access rule to this url, allow access.
         return True
     if Credential.validate(partyId, loginKey):
         # have authentication, allow access.
         return True
     return False
Пример #5
0
def isLoggedIn(request):
    from authentication.models import Credential
    credentialId = request.GET.get('credentialId')
    secretKey = request.GET.get('secretKey')
    if credentialId and secretKey and Credential.validate(
            credentialId, secretKey
    ):  # and Credential.objects.get(partyId=credentialId).partyId.partyType=='phoenix':
        return True
    return False
Пример #6
0
 def get(self,request):
     params = request.GET
     # not checking param existence since it is only used by Phoenix's resources
     partnerId = params['partnerId']
     username = params['username']
     duration = int(params['activeDuration'])
     try:
         credentialObj = Credential.getByUsernameAndPartner(username, partnerId)
         partyId = credentialObj.partyId.partyId
         activePurchases = UsageTierPurchase.getActiveByIdAndPartner(partyId, partnerId, duration)
         if activePurchases:
             serializer = UsageTierPurchaseSerializer(activePurchases[0])
             return HttpResponse(json.dumps(dict(serializer.data)), content_type="application/json")
     except Credential.DoesNotExist:
         pass
     except Credential.MultipleObjectsReturned:
         pass
     return HttpResponse(json.dumps(None), content_type="application/json")
Пример #7
0
    def chargeForCyVerse(stripe_api_key, stripe_token, priceToCharge,
                         stripeDescription, username, partnerName, tierId,
                         emailAddress, firstname, lastname, institute, street,
                         city, state, country, zip, hostname, redirect,
                         cardLast4, other, domain):
        message = {}
        message['price'] = priceToCharge
        message['tierId'] = tierId
        termObj = UsageTierTerm.objects.get(tierId=tierId)
        partnerObj = termObj.partnerId
        partnerId = partnerObj.partnerId
        status = True

        try:
            partyObj = Credential.getByUsernameAndPartner(username,
                                                          partnerId).partyId
            partyId = partyObj.partyId

            try:
                stripe.api_key = stripe_api_key
                charge = stripe.Charge.create(
                    amount=int(
                        priceToCharge * 100
                    ),  # stripe takes in cents; UI passes in dollars. multiply by 100 to convert.
                    currency="usd",
                    source=stripe_token,
                    description=stripeDescription,
                    metadata={
                        'Email': emailAddress,
                        'Institute': institute,
                        'Other': other
                    })
                pass
            except stripe.error.InvalidRequestError, e:
                status = False
                message['message'] = e.json_body['error']['message']
            except stripe.error.CardError, e:
                status = False
                message['message'] = e.json_body['error']['message']
Пример #8
0
    def put(self, request, format=None):
        if not isPhoenix(request):
            return HttpResponse(
                {
                    'error':
                    'credentialId and secretKey query parameters missing or invalid'
                },
                status=status.HTTP_400_BAD_REQUEST)

        data = request.data.copy()
        out = []

        if 'partyId' not in data:
            return Response({'error': 'partyId (aka institutionId) required'},
                            status=status.HTTP_400_BAD_REQUEST)

        institutionId = data['partyId']
        #get party
        party = Party.objects.get(partyId=institutionId)
        partySerializer = PartySerializer(party, data=data, partial=True)

        if any(param in CredentialSerializer.Meta.fields for param in data
               if param != 'partyId'):

            partner = Partner.objects.get(partnerId='phoenix')
            try:
                credential = Credential.objects.get(partyId=party,
                                                    partnerId=partner)
            except:
                if not all(param in data
                           for param in ('username', 'password')):
                    return Response(
                        {'error': 'username and password required.'},
                        status=status.HTTP_400_BAD_REQUEST)
                credential = Credential(partyId=party, partnerId=partner)

            if 'email' in data:
                for partyId in Credential.objects.all().filter(
                        email=data['email']).filter(
                            partnerId='phoenix').values_list('partyId',
                                                             flat=True):
                    if Party.objects.all().filter(partyId=partyId).filter(
                            partyType='organization').exists():
                        return Response(
                            {
                                'error':
                                'This email is already used by another institution.'
                            },
                            status=status.HTTP_400_BAD_REQUEST)

            if 'password' in data:
                if (not data['password'] or data['password'] == ""):
                    return Response({'error': 'password must not be empty'},
                                    status=status.HTTP_400_BAD_REQUEST)
                else:
                    newPwd = data['password']
                    data['password'] = hashlib.sha1(newPwd).hexdigest()
                    credentialSerializer = CredentialSerializer(credential,
                                                                data=data,
                                                                partial=True)
            else:
                credentialSerializer = CredentialSerializerNoPassword(
                    credential, data=data, partial=True)  #??

        if partySerializer.is_valid():
            if any(param in PartySerializer.Meta.fields for param in data
                   if param != 'partyId'):
                partySerializer.save()
            partyReturnData = partySerializer.data
            out.append(partyReturnData)
        else:
            return Response(partySerializer.errors,
                            status=status.HTTP_400_BAD_REQUEST)

        if any(param in CredentialSerializer.Meta.fields for param in data
               if param != 'partyId'):
            if credentialSerializer.is_valid():
                credentialSerializer.save()
                credentialReturnData = credentialSerializer.data
                out.append(credentialReturnData)
            else:
                return Response(credentialSerializer.errors,
                                status=status.HTTP_400_BAD_REQUEST)

        return HttpResponse(json.dumps(out), content_type="application/json")