def _check_auth(self, req: Request):
if self.auth_manager is None:
return
if req.get_auth() is None:
self._respond_with_error(req, "NeAuthError", "The bridge only accepts requests based on privileges")
raise AuthError()
auth = req.get_auth()
try:
if isinstance(auth, CredentialsAuthContainer):
self.auth_manager.authenticate(auth.username, auth.password)
self.auth_manager.check_path_access_level_for_user(auth.username,
req.get_path())
elif isinstance(auth, SerialAuthContainer):
self.auth_manager.check_path_access_level(ApiAccessLevel.admin,
req.get_path())
elif isinstance(auth, MqttAuthContainer):
self.auth_manager.check_path_access_level(ApiAccessLevel.mqtt,
req.get_path())
else:
self._respond_with_error(req, "UnknownAuthError", "Unknown error occurred")
raise AuthError()
except AuthenticationFailedException:
self._respond_with_error(req, "WrongAuthError", "illegal combination of username and password")
raise AuthError()
except UserDoesNotExistException:
self._respond_with_error(req, "UserDoesntExistError", "User does not exist")
raise AuthError()
except InsufficientAccessPrivilegeException:
self._respond_with_error(req, "AccessLevelError", "Insufficient privileges")
raise AuthError()
except UnknownUriException:
self._handle_unknown(req)
raise AuthError()
def _log_request(self, req: Request):
short_json = json.dumps(req.get_payload())
if len(short_json) > 35:
short_json = short_json[:35] + f"... + {len(short_json) - 35} bytes"
auth_type = "No Auth" if req.get_auth() is None else req.get_auth().__class__.__name__[:-13]
self._logger.info(f"Received request from '{req.get_sender()}' at '{req.get_path()}' "
f"(Auth type: '{auth_type}'): {short_json}")
