def post( self ): jsonobject = json.loads( self.request.body ) success = False error = 'Invalid request' answer = {} if jsonobject: code = jsonobject.get( 'code', '') displayname = jsonobject.get( 'displayname', '') app_id = jsonobject.get( 'app_id', '') app_secret = jsonobject.get( 'app_secret', '') if code and displayname and app_id and app_secret: if EnkiModelApp.exist_by_app_id_app_secret( app_id, app_secret ): # check against registered apps user_id = EnkiModelDisplayName.get_user_id_from_display_name( displayname ) if user_id: entity = EnkiModelRestAPIConnectToken.get_by_user_id_token_valid_age( user_id, code ) if entity: auth_token = enki.libutil.generate_auth_token() entity.key.delete() # single use token verification_token = EnkiModelRestAPITokenVerify( token = auth_token, user_id = user_id, app_id = app_id, app_secret = app_secret, type = 'apiconnect' ) verification_token.put() # persistent authentication token, a user may have several answer.update({ 'user_id' : str( user_id ), 'auth_token' : auth_token }) success = True error = '' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({ 'success' : success, 'error' : error }) self.response.headers[ 'Content-Type' ] = 'application/json' self.response.write( json.dumps( answer, separators=(',',':') ))
def post(self): if self.ensure_is_logged_in(): self.check_CSRF() anchor = self.request.get('anchor', '') extended = 'True' if self.request.get( 'extended') == 'True' else 'False' disconnect_session_token = self.request.get('disconnect') disconnect_app_token = self.request.get('disconnect_app') if disconnect_session_token: enki.libuser.delete_session_token_auth( disconnect_session_token) self.add_infomessage('success', MSG.SUCCESS(), MSG.DISCONNECTED_SESSION()) extended = 'True' elif disconnect_app_token: EnkiModelRestAPITokenVerify.delete_token_by_id( disconnect_app_token) self.add_infomessage('success', MSG.SUCCESS(), MSG.DISCONNECTED_APP()) extended = 'True' self.redirect( enki.libutil.get_local_url('profile', { 'extended': extended, '_fragment': anchor }))
def check_secret( user_id, auth_token, app_secret ): if EnkiModelRestAPITokenVerify.exist_by_user_id_token_app_secret( user_id, auth_token, app_secret ): # the user verify token contains the same secret as was sent in the request return True else: # retrieve the app_id from the verify token and check if the corresponding registered app has a new secret token_verify = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token ) if token_verify: app = EnkiModelApp.get_by_id( int( token_verify.app_id )) if app and app.secret == app_secret: # update the user's verify token app_secret token_verify.app_secret = app.secret token_verify.put() return True return False
def post( self ): if self.ensure_is_logged_in(): self.check_CSRF() anchor = self.request.get( 'anchor', '' ) extended = 'True' if self.request.get( 'extended' ) == 'True' else 'False' disconnect_session_token = self.request.get( 'disconnect' ) disconnect_app_token = self.request.get( 'disconnect_app' ) if disconnect_session_token: enki.libuser.delete_session_token_auth( disconnect_session_token ) self.add_infomessage( 'success', MSG.SUCCESS(), MSG.DISCONNECTED_SESSION()) extended = 'True' elif disconnect_app_token: EnkiModelRestAPITokenVerify.delete_token_by_id( disconnect_app_token ) self.add_infomessage( 'success', MSG.SUCCESS(), MSG.DISCONNECTED_APP()) extended = 'True' self.redirect( enki.libutil.get_local_url( 'profile', { 'extended' : extended, '_fragment' : anchor }))
def post(self): jsonobject = json.loads(self.request.body) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int(jsonobject.get('user_id', '')) auth_token = jsonobject.get('auth_token', '') app_secret = jsonobject.get('app_secret', '') data_type = jsonobject.get('data_type', '') data_id = jsonobject.get('data_id', '') if user_id and auth_token and app_secret and data_type and data_id: if enki.librestapi.check_secret(user_id, auth_token, app_secret): token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token) if token_valid: # user is valid data_stores = enki.librestapi.fetch_EnkiModelRestAPIDataStore_by_user_id_app_id_data_type_data_id( user_id, token_valid.app_id, data_type, data_id) ndb.delete_multi(data_stores) success = True error = '' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({'success': success, 'error': error}) self.response.headers['Content-Type'] = 'application/json' self.response.write(json.dumps(answer, separators=(',', ':')))
def post(self): jsonobject = json.loads(self.request.body) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int(jsonobject.get('user_id', '')) auth_token = jsonobject.get('auth_token', '') app_secret = jsonobject.get('app_secret', '') if user_id and auth_token and app_secret: if enki.librestapi.check_secret(user_id, auth_token, app_secret): if EnkiModelRestAPITokenVerify.exist_by_user_id_token( user_id, auth_token): friends = enki.libfriends.get_friends_user_id_display_name( user_id) if friends: answer.update({'friends': friends}) success = True error = '' else: error = 'Not found' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({'success': success, 'error': error}) self.response.headers['Content-Type'] = 'application/json' self.response.write(json.dumps(answer, separators=(',', ':')))
def post( self ): jsonobject = json.loads( self.request.body ) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int( jsonobject.get( 'user_id', '')) auth_token = jsonobject.get( 'auth_token', '') app_secret = jsonobject.get( 'app_secret', '') data_type = jsonobject.get( 'data_type', '') data_id = jsonobject.get( 'data_id', '') if user_id and auth_token and app_secret and data_type and data_id: if EnkiModelApp.check_secret( user_id, auth_token, app_secret ): token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token ) if token_valid: # user is valid data_store_item = EnkiModelRestAPIDataStore.get_by_user_id_app_id_data_type_data_id_not_expired( user_id, token_valid.app_id, data_type, data_id ) if data_store_item: answer.update({ 'data_payload' : data_store_item.data_payload, 'time_expires' : enki.libutil.seconds_from_epoch( data_store_item.time_expires ) , 'read_access' : data_store_item.read_access, 'server_time' : int( time.time())}) success = True error = '' else: error = 'Not found' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({ 'success' : success, 'error' : error }) self.response.headers[ 'Content-Type' ] = 'application/json' self.response.write( json.dumps( answer, separators=(',',':') ))
def post( self ): jsonobject = json.loads( self.request.body ) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int( jsonobject.get( 'user_id', '')) auth_token = jsonobject.get( 'auth_token', '') app_secret = jsonobject.get( 'app_secret', '') products = jsonobject.get( 'products', '') if user_id and auth_token and app_secret: if EnkiModelApp.check_secret( user_id, auth_token, app_secret ): if EnkiModelRestAPITokenVerify.exist_by_user_id_token( user_id, auth_token ): if products: # check which products in the list are activated by the user and return them list_entities = EnkiModelProductKey.fetch_by_activator_products_list( user_id, products ) else: # no product specified, return all products activated by the user list_entities = EnkiModelProductKey.fetch_by_activator( user_id ) if list_entities: list_products = [] for i, item in enumerate( list_entities ): list_products.append( item.product_name ) answer.update({ 'products_owned' : list_products }) success = True error = '' else: error = 'Not found' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({ 'success' : success, 'error' : error }) self.response.headers[ 'Content-Type' ] = 'application/json' self.response.write( json.dumps( answer, separators=(',',':') ))
def check_secret(user_id, auth_token, app_secret): if EnkiModelRestAPITokenVerify.exist_by_user_id_token_app_secret( user_id, auth_token, app_secret): # the user verify token contains the same secret as was sent in the request return True else: # retrieve the app_id from the verify token and check if the corresponding registered app has a new secret token_verify = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token) if token_verify: app = EnkiModelApp.get_by_id(int(token_verify.app_id)) if app and app.secret == app_secret: # update the user's verify token app_secret token_verify.app_secret = app.secret token_verify.put() return True return False
def get(self): if self.ensure_is_logged_in(): extended = True if self.request.get( 'extended') == 'True' else False data = collections.namedtuple( 'data', 'current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps' ) current_display_name = '' previous_display_names = '' user_display_name = enki.libdisplayname.get_EnkiUserDisplayName_by_user_id_current( self.user_id) if user_display_name: current_display_name = enki.libdisplayname.get_user_id_display_name_url( user_display_name) previous_display_names = enki.libdisplayname.get_user_display_name_old( self.user_id) sessions = [] current_token = self.session.get('auth_token') auth_tokens = enki.libuser.fetch_AuthTokens(self.user_id) for item in auth_tokens: current = False if current_token == item.token: current = True sessions.append({ 'tokenauth_id': item.key.id(), 'time_created': item.time_created, 'current': current }) sessions_app = [] list = EnkiModelRestAPITokenVerify.fetch_by_user_id_type( user_id=self.user_id, type='apiconnect') for item in list: sessions_app.append({ 'token_id': item.key.id(), 'time_created': item.time_created }) friends = 0 messages = 0 apps = 0 if not extended: friends = enki.libfriends.count_EnkiFriends(self.user_id) messages = enki.libmessage.count_EnkiMessage_by_recipient( self.user_id) apps = EnkiModelApp.count_by_user_id(self.user_id) data = data(current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps) self.render_tmpl('profile.html', active_menu='profile', extended=extended, data=data)
def post( self ): jsonobject = json.loads( self.request.body ) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int( jsonobject.get( 'user_id', '')) auth_token = jsonobject.get( 'auth_token', '') app_secret = jsonobject.get( 'app_secret', '') data_type = jsonobject.get( 'data_type', '') data_id = jsonobject.get( 'data_id', '') data_payload = jsonobject.get( 'data_payload' ) # set the expiry time time_to_expiry = int(jsonobject.get( 'time_expires', EnkiModelRestAPIDataStore.DATASTORE_EXPIRY_DEFAULT )) # default lifetime if unspecified if time_to_expiry == 0: # non-expiring lifetime time_to_expiry = EnkiModelRestAPIDataStore.DATASTORE_NON_EXPIRING time_expires = datetime.datetime.now() + datetime.timedelta( seconds = time_to_expiry ) read_access = jsonobject.get( 'read_access', '' ) if user_id and auth_token and app_secret and data_type and data_id and data_payload and time_expires: if EnkiModelApp.check_secret( user_id, auth_token, app_secret ): token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token ) if token_valid: # user is valid # add optional calculated properties to the data payload if 'calc_ip_addr' in data_payload: # IP address of the request remote_address = self.request.remote_addr data_payload.update({ 'calc_ip_addr' : remote_address }) data_store = EnkiModelRestAPIDataStore.get_by_user_id_app_id_data_type_data_id( user_id, token_valid.app_id, data_type, data_id ) if data_store: # update data_store.data_payload = data_payload data_store.time_expires = time_expires # update the expiry time if read_access: # if read_access is not specified, don't update it data_store.read_access = read_access else: # create new if not read_access: # if read_access is not specified, use the default value defined in the model data_store = EnkiModelRestAPIDataStore( user_id = user_id, app_id = token_valid.app_id, data_type = data_type, data_id = data_id, data_payload = data_payload, time_expires = time_expires ) else: data_store = EnkiModelRestAPIDataStore( user_id = user_id, app_id = token_valid.app_id, data_type = data_type, data_id = data_id, data_payload = data_payload, time_expires = time_expires, read_access = read_access ) data_store.put() success = True error = '' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({ 'success' : success, 'error' : error }) self.response.headers[ 'Content-Type' ] = 'application/json' self.response.write( json.dumps( answer, separators=(',',':') ))
def post( self ): jsonobject = json.loads( self.request.body ) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int( jsonobject.get( 'user_id', '' )) auth_token = jsonobject.get( 'auth_token', '' ) app_secret = jsonobject.get( 'app_secret', '') data_type = jsonobject.get( 'data_type', '' ) read_access = jsonobject.get( 'read_access', '' ) if user_id and auth_token and app_secret and data_type and ( read_access == 'public' or read_access == 'private' or read_access == 'friends' ): if EnkiModelApp.check_secret( user_id, auth_token, app_secret ): token_valid = EnkiModelRestAPITokenVerify.get_by_user_id_token( user_id, auth_token ) if token_valid: # user is valid error = 'Not found' data_store_list = [] if read_access == 'public': # returns all data with read-access "public" data_store_list = EnkiModelRestAPIDataStore.fetch_by_app_id_data_type_read_access_not_expired( token_valid.app_id, data_type, read_access ) else: people_list = [] if read_access == 'private': # returns all user's data with read-access "private" people_list = [ user_id ] elif read_access == 'friends': # returns list of user's friends' data with friends' read_access "friends" people_list = EnkiModelFriends.get_friends_user_id( user_id ) # get the user's friends' ids if people_list: for person_id in people_list: # get each persons' data data_store_list = EnkiModelRestAPIDataStore.fetch_by_user_id_app_id_data_type_read_access_not_expired( person_id, token_valid.app_id, data_type, read_access ) if data_store_list: data_payloads = [] for data_store_item in data_store_list: data_payloads.append({ 'user_id' : str( data_store_item.user_id ), 'data_id' : data_store_item.data_id, 'data_payload' : data_store_item.data_payload, 'time_expires' : enki.libutil.seconds_from_epoch( data_store_item.time_expires )}) if data_payloads: answer.update({ 'data_payloads' : data_payloads, 'server_time' : int( time.time())}) success = True error = '' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({ 'success' : success, 'error' : error }) self.response.headers[ 'Content-Type' ] = 'application/json' self.response.write( json.dumps( answer, separators=(',',':') ))
def post( self ): jsonobject = json.loads( self.request.body ) success = False error = 'Invalid request' answer = {} if jsonobject: user_id = int( jsonobject.get( 'user_id', '')) auth_token = jsonobject.get( 'auth_token', '') app_secret = jsonobject.get( 'app_secret', '') if user_id and auth_token and app_secret: if EnkiModelApp.check_secret( user_id, auth_token, app_secret ): if EnkiModelRestAPITokenVerify.delete_by_user_id_token( user_id, auth_token ): success = True error = '' else: error = 'Unauthorised user' else: error = 'Unauthorised app' answer.update({ 'success' : success, 'error' : error }) self.response.headers[ 'Content-Type' ] = 'application/json' self.response.write( json.dumps( answer, separators=(',',':') ))
def get( self ): if self.ensure_is_logged_in(): extended = True if self.request.get( 'extended' ) == 'True' else False data = collections.namedtuple( 'data', 'current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps' ) current_display_name = '' previous_display_names = '' user_display_name = enki.libdisplayname.get_EnkiUserDisplayName_by_user_id_current( self.user_id ) if user_display_name: current_display_name = enki.libdisplayname.get_user_id_display_name_url( user_display_name ) previous_display_names = enki.libdisplayname.get_user_display_name_old( self.user_id ) sessions = [] current_token = self.session.get( 'auth_token' ) auth_tokens = enki.libuser.fetch_AuthTokens( self.user_id ) for item in auth_tokens: current = False if current_token == item.token: current = True sessions.append({ 'tokenauth_id' : item.key.id(), 'time_created' : item.time_created, 'current' : current }) sessions_app = [] list = EnkiModelRestAPITokenVerify.fetch_by_user_id_type( user_id = self.user_id, type = 'apiconnect' ) for item in list: sessions_app.append({ 'token_id' : item.key.id(), 'time_created' : item.time_created }) friends = 0 messages = 0 apps = 0 if not extended: friends = enki.libfriends.count_EnkiFriends( self.user_id ) messages = enki.libmessage.count_EnkiMessage_by_recipient( self.user_id ) apps = EnkiModelApp.count_by_user_id( self.user_id ) data = data( current_display_name, previous_display_names, friends, messages, sessions, sessions_app, apps ) self.render_tmpl( 'profile.html', active_menu = 'profile', extended = extended, data = data )