def collection_post(self):
"""
Api for user authentication.
Store generated tokens in a cache entry related to user_id
and return a structure with this tokens for client usage.
"""
params = self.request.json
try:
user = User.authenticate(params['username'], params['password'])
log.info('Authenticate user {username}'.format(username=user.name))
except Exception as exc:
log.info('Authentication error for {name} : {error}'.
format(name=params['username'], error=exc))
raise AuthenticationError()
access_token = create_token()
refresh_token = create_token(80)
# ttl = self.request.cache.client.ttl
# TODO: remove this ttl to go back to cache.client
ttl = 86400
expires_at = (datetime.datetime.utcnow() +
datetime.timedelta(seconds=ttl))
tokens = {'access_token': access_token,
'refresh_token': refresh_token,
'expires_in': ttl, # TODO : remove this value
'expires_at': expires_at.isoformat()}
self.request.cache.set(user.user_id, tokens)
return {'user_id': user.user_id,
'username': user.name,
'tokens': tokens}
def collection_post(self):
"""
Api for user authentication.
Store generated tokens in a cache entry related to user_id
and return a structure with this tokens for client usage.
"""
params = self.request.json
try:
user = User.authenticate(params['username'], params['password'])
log.info('Authenticate user {username}'.format(username=user.name))
except Exception as exc:
log.info('Authentication error for {name} : {error}'.format(
name=params['username'], error=exc))
raise AuthenticationError(detail=exc.message)
# Device management
in_device = self.request.swagger_data['authentication']['device']
key = None
if in_device:
try:
device = Device.get(user, in_device['device_id'])
log.info("Found device %s" % device.device_id)
# Found a device, check if signature public key have X and Y
key = get_device_sig_key(user, device)
if not key:
log.error('No signature key found for device %r' %
device.device_id)
else:
if patch_device_key(key, in_device):
log.info('Patch device key OK')
else:
log.warn('Patch device key does not work')
except NotFound:
devices = Device.find(user)
if devices.get('objects', []):
in_device['status'] = 'unverified'
else:
in_device['name'] = 'default'
# we must declare a new device
device = Device.create_from_parameter(user, in_device,
self.request.headers)
log.info("Created device %s" % device.device_id)
key = get_device_sig_key(user, device)
if not key:
log.error('No signature key found for device %r' %
device.device_id)
else:
raise ValidationError(detail='No device informations')
try:
device.login(self.request.headers.get('X-Forwarded-For'))
except Exception as exc:
log.exception('Device login failed: {0}'.format(exc))
access_token = create_token()
refresh_token = create_token(80)
# ttl = self.request.cache.client.ttl
# TODO: remove this ttl to go back to cache.client
ttl = 86400
expires_at = (datetime.datetime.utcnow() +
datetime.timedelta(seconds=ttl))
tokens = {
'access_token': access_token,
'refresh_token': refresh_token,
'expires_in': ttl, # TODO : remove this value
'shard_id': user.shard_id,
'expires_at': expires_at.isoformat()
}
cache_key = '{}-{}'.format(user.user_id, device.device_id)
session_data = tokens.copy()
if key:
session_data.update({
'key_id': str(key.key_id),
'x': key.x,
'y': key.y,
'curve': key.crv
})
else:
raise MethodFailure(detail='No public key found for device')
self.request.cache.set(cache_key, session_data)
self.request.cache.set(user.user_id, tokens)
tokens.pop('shard_id')
return {
'user_id': user.user_id,
'username': user.name,
'tokens': tokens,
'device': {
'device_id': device.device_id,
'status': device.status
}
}
def collection_post(self):
"""
Api for user authentication.
Store generated tokens in a cache entry related to user_id
and return a structure with this tokens for client usage.
"""
params = self.request.json
try:
user = User.authenticate(params['username'], params['password'])
log.info('Authenticate user {username}'.format(username=user.name))
except Exception as exc:
log.info('Authentication error for {name} : {error}'.format(
name=params['username'], error=exc))
raise AuthenticationError(detail=exc.message)
# Device management
in_device = self.request.swagger_data['authentication']['device']
if in_device:
try:
device = Device.get(user, in_device['device_id'])
except NotFound:
devices = Device.find(user)
if devices.get('objects', []):
in_device['status'] = 'unverified'
else:
in_device['name'] = 'default'
# we must declare a new device
device = Device.create_from_parameter(user, in_device,
self.request.headers)
else:
device = FakeDevice()
access_token = create_token()
refresh_token = create_token(80)
# ttl = self.request.cache.client.ttl
# TODO: remove this ttl to go back to cache.client
ttl = 86400
expires_at = (datetime.datetime.utcnow() +
datetime.timedelta(seconds=ttl))
tokens = {
'access_token': access_token,
'refresh_token': refresh_token,
'expires_in': ttl, # TODO : remove this value
'expires_at': expires_at.isoformat()
}
cache_key = '{}-{}'.format(user.user_id, device.device_id)
self.request.cache.set(cache_key, tokens)
# XXX to remove when all authenticated API will use X-Device-ID
self.request.cache.set(user.user_id, tokens)
return {
'user_id': user.user_id,
'username': user.name,
'tokens': tokens,
'device': {
'device_id': device.device_id,
'status': device.status
}
}
def collection_post(self):
"""
Api for user authentication.
Store generated tokens in a cache entry related to user_id
and return a structure with this tokens for client usage.
"""
params = self.request.json
try:
user = User.authenticate(params['username'], params['password'])
log.info('Authenticate user {username}'.format(username=user.name))
except Exception as exc:
log.info('Authentication error for {name} : {error}'.
format(name=params['username'], error=exc))
raise AuthenticationError(detail=exc.message)
# Device management
in_device = self.request.swagger_data['authentication']['device']
key = None
if in_device:
try:
device = Device.get(user, in_device['device_id'])
log.info("Found device %s" % device.device_id)
# Found a device, check if signature public key have X and Y
key = get_device_sig_key(user, device)
if not key:
log.error('No signature key found for device %r'
% device.device_id)
else:
if patch_device_key(key, in_device):
log.info('Patch device key OK')
else:
log.warn('Patch device key does not work')
except NotFound:
devices = Device.find(user)
if devices.get('objects', []):
in_device['status'] = 'unverified'
else:
in_device['name'] = 'default'
# we must declare a new device
device = Device.create_from_parameter(user, in_device,
self.request.headers)
log.info("Created device %s" % device.device_id)
key = get_device_sig_key(user, device)
if not key:
log.error('No signature key found for device %r'
% device.device_id)
else:
raise ValidationError(detail='No device informations')
try:
device.login(self.request.headers.get('X-Forwarded-For'))
except Exception as exc:
log.exception('Device login failed: {0}'.format(exc))
access_token = create_token()
refresh_token = create_token(80)
# ttl = self.request.cache.client.ttl
# TODO: remove this ttl to go back to cache.client
ttl = 86400
expires_at = (datetime.datetime.utcnow() +
datetime.timedelta(seconds=ttl))
tokens = {'access_token': access_token,
'refresh_token': refresh_token,
'expires_in': ttl, # TODO : remove this value
'shard_id': user.shard_id,
'expires_at': expires_at.isoformat()}
cache_key = '{}-{}'.format(user.user_id, device.device_id)
session_data = tokens.copy()
if key:
session_data.update({'key_id': str(key.key_id),
'x': key.x,
'y': key.y,
'curve': key.crv})
else:
raise MethodFailure(detail='No public key found for device')
self.request.cache.set(cache_key, session_data)
self.request.cache.set(user.user_id, tokens)
tokens.pop('shard_id')
return {'user_id': user.user_id,
'username': user.name,
'tokens': tokens,
'device': {'device_id': device.device_id,
'status': device.status}}
def collection_post(self):
"""
Api for user authentication.
Store generated tokens in a cache entry related to user_id
and return a structure with this tokens for client usage.
"""
params = self.request.json
try:
user = User.authenticate(params['username'], params['password'])
log.info('Authenticate user {username}'.format(username=user.name))
except Exception as exc:
log.info('Authentication error for {name} : {error}'.format(
name=params['username'], error=exc))
raise AuthenticationError(detail=exc.message)
# Device management
in_device = self.request.swagger_data['authentication']['device']
key = None
if in_device:
try:
device = Device.get(user, in_device['device_id'])
log.info("Found device %s" % device.device_id)
# Found a device, check if signature public key have X and Y
key = get_device_sig_key(user, device)
if not key:
log.error('No signature key found for device %r' %
device.device_id)
else:
if patch_device_key(key, in_device):
log.info('Patch device key OK')
else:
log.warn('Patch device key does not work')
except NotFound:
devices = Device.find(user)
if devices.get('objects', []):
in_device['status'] = 'unverified'
else:
in_device['name'] = 'default'
# we must declare a new device
device = Device.create_from_parameter(user, in_device,
self.request.headers)
log.info("Created device %s" % device.device_id)
key = get_device_sig_key(user, device)
if not key:
log.error('No signature key found for device %r' %
device.device_id)
else:
raise ValidationError(detail='No device informations')
try:
device.login(self.request.headers.get('X-Forwarded-For'))
except Exception as exc:
log.exception('Device login failed: {0}'.format(exc))
tokens = make_user_device_tokens(self.request, user, device, key)
return {
'user_id': user.user_id,
'username': user.name,
'tokens': tokens,
'device': {
'device_id': device.device_id,
'status': device.status
}
}