def test_client_token(self): token_no_info = get_client_token( self.secret_key, self.project_id, self.user_id ) token_with_info = get_client_token( self.secret_key, self.project_id, self.user_id, user_info=self.user_info ) self.assertTrue(token_no_info != token_with_info)
def test_client_token(self): now = int(time.time()) token_no_info = get_client_token( self.secret_key, self.project_id, self.user_id, str(now) ) token_with_info = get_client_token( self.secret_key, self.project_id, self.user_id, str(now), user_info=self.user_info ) self.assertTrue(token_no_info != token_with_info)
def handle_connect(self, params): """ Authenticate client's connection, initialize required variables in case of successful authentication. """ if self.is_authenticated: raise Return((True, None)) token = params["token"] user = params["user"] project_id = params["project"] project, error = yield self.get_project(project_id) if error: raise Return((None, error)) secret_key = project['secret_key'] if token != auth.get_client_token(secret_key, project_id, user): raise Return((None, "invalid token")) self.is_authenticated = True self.project_id = project_id self.user = user self.default_user_info = json_encode({'user_id': self.user, 'client_id': self.uid}) self.channels = {} if not self.application.state.fake: self.presence_ping = PeriodicCallback( self.send_presence_ping, self.application.state.presence_ping_interval ) self.presence_ping.start() raise Return((self.uid, None))
def handle_connect(self, params): """ Authenticate client's connection, initialize required variables in case of successful authentication. """ if self.is_authenticated: raise Return((True, None)) token = params["token"] user = params["user"] project_id = params["project"] user_info = params.get("info", None) project, error = yield self.get_project(project_id) if error: raise Return((None, error)) secret_key = project['secret_key'] if token != auth.get_client_token( secret_key, project_id, user, user_info=user_info): raise Return((None, "invalid token")) if user_info is not None: try: user_info = json_decode(user_info) except Exception as err: logger.debug("malformed JSON data in user_info") logger.debug(err) user_info = None self.is_authenticated = True self.project_id = project_id self.user = user self.default_user_info = { 'user_id': self.user, 'client_id': self.uid, 'default_info': user_info, 'channel_info': None } self.channels = {} if not self.application.state.fake: self.presence_ping = PeriodicCallback( self.send_presence_ping, self.application.state.presence_ping_interval) self.presence_ping.start() raise Return((self.uid, None))
def handle_connect(self, params): """ Authenticate client's connection, initialize required variables in case of successful authentication. """ if self.is_authenticated: raise Return((True, None)) token = params["token"] user = params["user"] project_id = params["project"] user_info = params.get("info", None) project, error = yield self.get_project(project_id) if error: raise Return((None, error)) secret_key = project['secret_key'] if token != auth.get_client_token(secret_key, project_id, user, user_info=user_info): raise Return((None, "invalid token")) if user_info is not None: try: user_info = json_decode(user_info) except Exception as err: logger.debug("malformed JSON data in user_info") logger.debug(err) user_info = None self.is_authenticated = True self.project_id = project_id self.user = user self.default_user_info = { 'user_id': self.user, 'client_id': self.uid, 'default_info': user_info, 'channel_info': None } self.channels = {} if not self.application.state.fake: self.presence_ping = PeriodicCallback( self.send_presence_ping, self.application.state.presence_ping_interval ) self.presence_ping.start() raise Return((self.uid, None))
def handle_connect(self, params): """ Authenticate client's connection, initialize required variables in case of successful authentication. """ if self.application.collector: self.application.collector.incr('connect') if self.is_authenticated: raise Return((self.uid, None)) token = params["token"] user = params["user"] project_id = params["project"] timestamp = params["timestamp"] user_info = params.get("info") project, error = yield self.application.get_project(project_id) if error: raise Return((None, error)) secret_key = project['secret_key'] try: client_token = auth.get_client_token(secret_key, project_id, user, timestamp, user_info=user_info) except Exception as err: logger.error(err) raise Return((None, "invalid connection parameters")) if token != client_token: raise Return((None, "invalid token")) if user_info is not None: try: user_info = json_decode(user_info) except Exception as err: logger.debug("malformed JSON data in user_info") logger.debug(err) user_info = None try: timestamp = int(timestamp) except ValueError: raise Return((None, "invalid timestamp")) now = time.time() self.user = user self.examined_at = timestamp connection_check = project.get('connection_check', False) if connection_check and self.examined_at + project.get("connection_lifetime", 24*365*3600) < now: # connection expired - this is a rare case when Centrifuge went offline # for a while or client turned on his computer from sleeping mode. # put this client into the queue of connections waiting for # permission to reconnect with expired credentials. To avoid waiting # client must reconnect with actual credentials i.e. reload browser # window. if project_id not in self.application.expired_reconnections: self.application.expired_reconnections[project_id] = [] self.application.expired_reconnections[project_id].append(self) if project_id not in self.application.expired_connections: self.application.expired_connections[project_id] = { "users": set(), "checked_at": None } self.application.expired_connections[project_id]["users"].add(user) self.connect_queue = toro.Queue(maxsize=1) value = yield self.connect_queue.get() if not value: yield self.close_sock() raise Return((None, self.application.UNAUTHORIZED)) else: self.connect_queue = None # Welcome to Centrifuge dear Connection! self.is_authenticated = True self.project_id = project_id self.token = token self.default_user_info = { 'user_id': self.user, 'client_id': self.uid, 'default_info': user_info, 'channel_info': None } self.channels = {} self.presence_ping_task = PeriodicCallback( self.send_presence_ping, self.application.engine.presence_ping_interval ) self.presence_ping_task.start() self.application.add_connection(project_id, self.user, self.uid, self) raise Return((self.uid, None))
def handle_connect(self, params): """ Authenticate client's connection, initialize required variables in case of successful authentication. """ if self.application.collector: self.application.collector.incr('connect') self.application.collector.incr(self.sock.session.transport_name) if self.is_authenticated: raise Return((self.uid, None)) token = params["token"] user = params["user"] project_id = params["project"] timestamp = params["timestamp"] user_info = params.get("info") project, error = yield self.application.get_project(project_id) if error: raise Return((None, error)) secret_key = project['secret_key'] try: client_token = auth.get_client_token(secret_key, project_id, user, timestamp, user_info=user_info) except Exception as err: logger.error(err) raise Return((None, "invalid connection parameters")) if token != client_token: raise Return((None, "invalid token")) if user_info is not None: try: user_info = json_decode(user_info) except Exception as err: logger.error("malformed JSON data in user_info") logger.error(err) user_info = None try: timestamp = int(timestamp) except ValueError: raise Return((None, "invalid timestamp")) now = time.time() self.user = user self.examined_at = timestamp connection_check = project.get('connection_check', False) if connection_check and self.examined_at + project.get( "connection_lifetime", 24 * 365 * 3600) < now: # connection expired - this is a rare case when Centrifuge went offline # for a while or client turned on his computer from sleeping mode. # put this client into the queue of connections waiting for # permission to reconnect with expired credentials. To avoid waiting # client must reconnect with actual credentials i.e. reload browser # window. if project_id not in self.application.expired_reconnections: self.application.expired_reconnections[project_id] = [] self.application.expired_reconnections[project_id].append(self) if project_id not in self.application.expired_connections: self.application.expired_connections[project_id] = { "users": set(), "checked_at": None } self.application.expired_connections[project_id]["users"].add(user) self.connect_queue = toro.Queue(maxsize=1) value = yield self.connect_queue.get() if not value: yield self.close_sock() raise Return((None, self.application.UNAUTHORIZED)) else: self.connect_queue = None # Welcome to Centrifuge dear Connection! self.is_authenticated = True self.project_id = project_id self.token = token self.default_user_info = { 'user_id': self.user, 'client_id': self.uid, 'default_info': user_info, 'channel_info': None } self.channels = {} self.presence_ping_task = PeriodicCallback( self.send_presence_ping, self.application.engine.presence_ping_interval) self.presence_ping_task.start() self.application.add_connection(project_id, self.user, self.uid, self) raise Return((self.uid, None))