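def _login(self, exp=86400):
    """Answer a successful API v2 login with a freshly signed JWT.

    The encoded token is the whole response body, served with the
    ``application/jwt`` content type.

    :param exp: token lifetime in seconds; added to the issue time to form
        the ``exp`` claim (defaults to 86400)
    """
    self.set_header('Content-Type', 'application/jwt')

    # A login notification is sent only for non-private client addresses.
    # NOTE(review): behind a reverse proxy remote_ip may be the proxy's own
    # address unless forwarded headers are trusted - confirm the deployment.
    remote_ip = self.request.remote_ip
    if app.NOTIFY_ON_LOGIN and not helpers.is_ip_private(remote_ip):
        notifiers.notify_login(remote_ip)

    log.info('{user} logged into the API v2', {'user': app.WEB_USERNAME})

    time_now = int(time.time())

    # Draw the token id from the OS CSPRNG rather than the default Mersenne
    # Twister generator, so one id cannot be predicted from earlier ones.
    secure_random = random.SystemRandom()
    alphabet = string.ascii_letters + string.digits
    token_id = ''.join(secure_random.choice(alphabet) for _ in range(20))

    claims = {
        'iss': 'Medusa ' + app.APP_VERSION,
        'iat': time_now,
        # @TODO: The jti should be saved so we can revoke tokens
        'jti': token_id,
        'exp': time_now + int(exp),
        # @TODO: This should be replaced with scopes or roles/groups
        'scopes': ['show:read', 'show:write'],
        'username': app.WEB_USERNAME,
        # NOTE(review): HS256 signs the payload but does not encrypt it, so
        # the API key is readable by anyone who obtains the token.
        # TODO: This should be replaced with the JWT itself
        'apiKey': app.API_KEY,
    }
    self._ok(data=jwt.encode(claims, app.ENCRYPTION_SECRET, algorithm='HS256'))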
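def post(self, *args, **kwargs):
    """Handle a submitted web-interface login form.

    The ``username`` and ``password`` arguments are compared with the
    configured credentials; a credential that is not configured matches any
    value. On success the API key is stored in a secure cookie. The request
    is then redirected to the ``next`` argument when it is a local path, and
    to the default page otherwise.
    """
    api_key = None

    username = app.WEB_USERNAME
    password = app.WEB_PASSWORD

    # NOTE(review): == is not a constant-time comparison; consider a
    # constant-time compare for the password check.
    if all([(self.get_argument('username') == username or not username),
            (self.get_argument('password') == password or not password)]):
        api_key = app.API_KEY

    # NOTE(review): kept at function level, so this also fires for failed
    # attempts from non-private addresses - confirm against the original
    # layout, which this listing does not preserve.
    if app.NOTIFY_ON_LOGIN and not helpers.is_ip_private(
            self.request.remote_ip):
        notifiers.notify_login(self.request.remote_ip)

    if api_key:
        remember_me = int(self.get_argument('remember_me', default=0) or 0)
        # NOTE(review): the cookie value is the API key itself; a secure
        # cookie is signed, not encrypted.
        self.set_secure_cookie(app.SECURE_TOKEN, api_key,
                               expires_days=30 if remember_me else None)
        logger.log('User logged into the Medusa web interface', logger.INFO)
    else:
        logger.log(
            'User attempted a failed login to the Medusa web interface from IP: {ip}'
            .format(ip=self.request.remote_ip), logger.WARNING)

    # ``next`` comes straight from the request, so following it blindly is an
    # open redirect. Only a path on this site is honoured: it must start with
    # a single '/', which rules out absolute URLs and the scheme-relative
    # '//host' and '/\host' forms.
    redirect_page = self.get_argument('next', None)
    is_local_path = (
        bool(redirect_page)
        and redirect_page.startswith('/')
        and not redirect_page.startswith(('//', '/\\'))
    )
    if is_local_path:
        self.redirect(redirect_page)
    else:
        self.redirect('/{page}/'.format(page=app.DEFAULT_PAGE))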
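def _login(self, exp=86400):
    """Answer a successful API v2 login with a JSON body holding a signed JWT.

    The response is ``{'token': <encoded JWT>}`` passed through ``self._ok``,
    whose result is returned.

    :param exp: token lifetime in seconds; added to the issue time to form
        the ``exp`` claim (defaults to 86400)
    :return: whatever ``self._ok`` returns
    """
    self.set_header('Content-Type', 'application/json')

    # A login notification is sent only for non-private client addresses.
    remote_ip = self.request.remote_ip
    if app.NOTIFY_ON_LOGIN and not helpers.is_ip_private(remote_ip):
        notifiers.notify_login(remote_ip)

    log.info('{user} logged into the API v2', {'user': app.WEB_USERNAME})

    time_now = int(time.time())

    # Draw the token id from the OS CSPRNG rather than the default Mersenne
    # Twister generator, so one id cannot be predicted from earlier ones.
    secure_random = random.SystemRandom()
    alphabet = string.ascii_letters + string.digits
    token_id = ''.join(secure_random.choice(alphabet) for _ in range(20))

    claims = {
        'iss': 'Medusa ' + text_type(app.APP_VERSION),
        'iat': time_now,
        # @TODO: The jti should be saved so we can revoke tokens
        'jti': token_id,
        'exp': time_now + int(exp),
        'username': app.WEB_USERNAME,
        # NOTE(review): HS256 signs the payload but does not encrypt it, so
        # the API key is readable by anyone who obtains the token.
        'apiKey': app.API_KEY,
    }
    encoded = jwt.encode(claims, app.ENCRYPTION_SECRET, algorithm='HS256')
    # The encoder's result is decoded to text before it goes into the JSON
    # body, i.e. this code expects jwt.encode to hand back bytes.
    return self._ok(data={'token': encoded.decode('utf-8')})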
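def post(self, *args, **kwargs):
    """Process a login form submitted to the web interface.

    Submitted ``username`` / ``password`` values are checked against the
    configured ones (an unconfigured credential accepts anything). A
    successful login stores the API key in a secure cookie; either outcome
    is logged. The response is a redirect to ``next`` when that is a local
    path, otherwise to the default page.
    """
    api_key = None

    username = app.WEB_USERNAME
    password = app.WEB_PASSWORD

    # NOTE(review): == is not a constant-time comparison; consider a
    # constant-time compare for the password check.
    username_ok = self.get_argument('username') == username or not username
    password_ok = self.get_argument('password') == password or not password
    if username_ok and password_ok:
        api_key = app.API_KEY

    # NOTE(review): kept at function level, so this also fires for failed
    # attempts from non-private addresses - confirm against the original
    # layout, which this listing does not preserve.
    if app.NOTIFY_ON_LOGIN and not helpers.is_ip_private(self.request.remote_ip):
        notifiers.notify_login(self.request.remote_ip)

    if api_key:
        remember_me = int(self.get_argument('remember_me', default=0) or 0)
        # NOTE(review): the cookie value is the API key itself; a secure
        # cookie is signed, not encrypted.
        self.set_secure_cookie(app.SECURE_TOKEN, api_key, expires_days=30 if remember_me else None)
        logger.log('User logged into the Medusa web interface', logger.INFO)
    else:
        logger.log('User attempted a failed login to the Medusa web interface from IP: {ip}'.format
                   (ip=self.request.remote_ip), logger.WARNING)

    # ``next`` is request-controlled; redirecting to it unchecked would let a
    # crafted login link send the user to another site. Accept only a path
    # that starts with a single '/', rejecting absolute URLs and the
    # scheme-relative '//host' and '/\host' forms.
    redirect_page = self.get_argument('next', None)
    if (redirect_page
            and redirect_page.startswith('/')
            and not redirect_page.startswith(('//', '/\\'))):
        self.redirect(redirect_page)
    else:
        self.redirect('/{page}/'.format(page=app.DEFAULT_PAGE))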
def test_is_ip_private(p):
    """Check ``sut.is_ip_private`` against one parametrized case.

    ``p`` is a mapping with the address under ``'ip'`` and the expected
    result under ``'expected'``.
    """
    # Given
    address = p['ip']

    # When
    result = sut.is_ip_private(address)

    # Then
    assert p['expected'] == result
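def _login(self, exp=86400):
    """Answer a successful API v2 login with a JSON body holding a signed JWT.

    The response is ``{'token': <encoded JWT>}`` passed through ``self._ok``,
    whose result is returned.

    :param exp: token lifetime in seconds; added to the issue time to form
        the ``exp`` claim (defaults to 86400)
    :return: whatever ``self._ok`` returns
    """
    self.set_header('Content-Type', 'application/json')

    # A login notification is sent only for non-private client addresses.
    remote_ip = self.request.remote_ip
    if app.NOTIFY_ON_LOGIN and not helpers.is_ip_private(remote_ip):
        notifiers.notify_login(remote_ip)

    log.info('{user} logged into the API v2', {'user': app.WEB_USERNAME})

    time_now = int(time.time())

    # Draw the token id from the OS CSPRNG rather than the default Mersenne
    # Twister generator, so one id cannot be predicted from earlier ones.
    secure_random = random.SystemRandom()
    alphabet = string.ascii_letters + string.digits
    token_id = ''.join(secure_random.choice(alphabet) for _ in range(20))

    claims = {
        'iss': 'Medusa ' + text_type(app.APP_VERSION),
        'iat': time_now,
        # @TODO: The jti should be saved so we can revoke tokens
        'jti': token_id,
        'exp': time_now + int(exp),
        'username': app.WEB_USERNAME,
        # NOTE(review): HS256 signs the payload but does not encrypt it, so
        # the API key is readable by anyone who obtains the token.
        'apiKey': app.API_KEY,
    }
    encoded = jwt.encode(claims, app.ENCRYPTION_SECRET, algorithm='HS256')
    return self._ok(data={'token': encoded})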