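async def unregister(self, request):
    """Delete the calling user's record from ``userdb``.

    ``request.id`` is read as the caller's identity and is treated as
    "no valid token" when it is ``None`` (presumably populated by auth
    middleware outside this block -- confirm).

    Returns:
        A JSON response ``{"unregistered": True}`` once the record is removed.

    Raises:
        errors.Unauthorized: if the request carries no identity, or the
            identity has no entry in ``userdb``.
    """
    # Identity test instead of ``!= None``, which defers to the object's
    # own __eq__/__ne__ implementation.
    if request.id is None:
        raise errors.Unauthorized("A valid token is required")

    # This handler looks users up by the string form of the id.
    user_key = str(request.id)
    if user_key not in userdb:
        raise errors.Unauthorized("Not registered")

    del userdb[user_key]
    # NOTE(review): only the user record is removed; the token that
    # authenticated this request is not revoked here. Confirm it stops
    # being accepted elsewhere once the account is gone.
    return web.json_response({"unregistered": True})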
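async def fetch_activity(self, request):
    """Return one activity as JSON and append the view to the interactions log.

    The ``itemid`` query parameter is client-controlled. It is parsed as an
    integer and must be a valid, non-negative row position in
    ``self.activities_df`` before it is written to the log or used for the
    lookup.

    Returns:
        A response whose body is the selected row serialised with
        ``to_json()``.

    Raises:
        errors.Unauthorized: if the request carries no identity.
        errors.UserError: if ``itemid`` is missing, is not an integer, or
            is outside the range of known activities.
    """
    if request.id is None:
        raise errors.Unauthorized("A valid token is required")

    try:
        activity_id = int(request.rel_url.query["itemid"])
    except (KeyError, ValueError):
        # A missing or non-numeric parameter is a client error; without this
        # it would surface as an unhandled KeyError/ValueError.
        raise errors.UserError("itemid must be an integer") from None

    # ``iloc`` accepts negative positions and counts them from the end, so a
    # negative id would both return an unrelated row and be recorded in the
    # interactions file. Very negative values would raise IndexError.
    if activity_id < 0:
        raise errors.UserError("this id is too small")
    if activity_id >= len(self.activities_df):
        raise errors.UserError("this id is too big")

    # newline="" is what the csv module documents for files it writes to,
    # so row terminators are not translated a second time.
    with open(get_path("../../interactions.csv"), "a", newline="") as output_csv:
        writer = csv.writer(output_csv)
        # Row layout: caller id, activity position, the constant 1 (its
        # meaning is not visible in this block), Unix timestamp in seconds.
        # NOTE(review): request.id is written verbatim; if it can ever be a
        # client-chosen string, confirm consumers of this file treat the
        # column strictly as data.
        writer.writerow([request.id, activity_id, 1, int(time.time())])

    output = self.activities_df.iloc[activity_id].to_json()
    return web.Response(text=output)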
def validate_session(self, session_token):
    """
    Resolve a session token to the username that owns it.

    The backend is asked for the session; if it returns nothing,
    errors.Unauthorized is raised. The session's age is measured from its
    create_time against the current UTC time, and a session older than
    session_expiry_time_seconds raises errors.SessionExpired. Otherwise
    the username stored on the session is returned.
    """
    record = self.backend.get_session(session_token)
    if not record:
        raise errors.Unauthorized()

    # Age is counted from creation; nothing in this method extends a
    # session's lifetime on use.
    # assumes create_time is a naive UTC datetime, since it is subtracted
    # from datetime.utcnow() -- TODO confirm against the backend
    age_seconds = (datetime.utcnow() - record.create_time).total_seconds()
    if age_seconds > self.session_expiry_time_seconds:
        raise errors.SessionExpired()

    return record.username
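async def suggestion(self, request):
    """Suggest the highest-scoring activity whose type the user selected.

    Candidates come from ``predict(request.id)`` as ``(item_id, proba)``
    pairs. Only items whose ``"type"`` in ``self.activities_df`` appears in
    the user's ``"activities"`` list are considered, and the one with the
    largest ``proba`` wins.

    Returns:
        A JSON response with the user's name and hours plus the chosen
        activity's description, full description and URL.

    Raises:
        errors.Unauthorized: if the request carries no identity or the
            identity is not in ``userdb``.
        errors.UserError: if no predicted item matches the user's
            activity types.
    """
    # NOTE(review): membership is tested with the raw request.id here, while
    # unregister() looks users up by str(request.id); confirm which key type
    # userdb actually uses.
    if request.id is None or request.id not in userdb:
        raise errors.Unauthorized("A valid token is required")

    profile = userdb[request.id]
    wanted_types = profile["activities"]

    # None marks "nothing matched yet". The previous -1 sentinel doubled as
    # a row position, so an empty match silently returned the last activity
    # via iloc[-1], regardless of its type.
    best_choice, best_proba = None, None
    for item_id, proba in predict(request.id):
        if self.activities_df.iloc[item_id]["type"] not in wanted_types:
            continue
        if best_proba is None or proba > best_proba:
            best_choice, best_proba = item_id, proba

    if best_choice is None:
        raise errors.UserError("no matching activity")

    activity = self.activities_df.iloc[best_choice]
    return web.json_response({
        "user": profile["name"],
        "name": activity["description"],
        "desc": activity["full_description"],
        "url": activity["url"],
        "hours": profile["hours"],
    })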
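def wrapper(*args, **kwargs):
    """Authenticate the request when required, then call the handler.

    With ``require_auth`` set, the session token is taken from the
    ``Authorization`` header if one is present, otherwise from the
    ``session_token`` query parameter. The token is validated through
    ``self.controller.validate_session`` and the resulting username is
    passed to the handler as its first positional argument. Without
    ``require_auth`` the handler is called with the original arguments only.

    Raises:
        errors.Unauthorized: if no usable token is supplied. Exceptions
            raised by ``validate_session`` propagate unchanged.
    """
    if not require_auth:
        return handler(*args, **kwargs)

    auth_header = request.get_header('Authorization')
    if auth_header:
        # Header format 'Authorization: Session-token mytoken'
        # partition() leaves the token empty when the header contains no
        # space, so a malformed header is rejected below as Unauthorized
        # instead of raising IndexError.
        # NOTE(review): the scheme word is not checked; any
        # '<word> <token>' header is accepted.
        _scheme, _sep, session_token = auth_header.partition(' ')
    else:
        # Params format '?session_token=mytoken'
        # NOTE(review): a token carried in the URL can end up in access
        # logs, browser history and Referer headers; consider whether the
        # header form alone is sufficient.
        session_token = request.query.get('session_token')

    if not session_token:
        raise errors.Unauthorized()

    # Raises if the session is not valid, otherwise yields the username
    # connected with the session.
    username = self.controller.validate_session(session_token)
    return handler(username, *args, **kwargs)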
def authenticate(self, username, password):
    """
    Check a username/password pair and open a session on success.

    The user is loaded from the backend and the password is verified
    against the stored hash with sha256_crypt. Every attempt for a known
    user is recorded through insert_login_attempt, with the new session
    token on success and None on failure. On success the session is
    created and its token returned.

    Raises errors.Unauthorized when the username is unknown and
    errors.InvalidLogin when the password does not verify.
    """
    account = self.backend.get_user(username)
    if not account:
        # NOTE(review): this path raises a different exception from a wrong
        # password, skips the hash computation, and is not recorded as a
        # login attempt. If callers surface the two errors differently, the
        # response (and its timing) reveals which usernames exist, and
        # guesses against unknown names leave no trace here.
        raise errors.Unauthorized()

    password_ok = sha256_crypt.verify(password, account.hashed_password)
    if not password_ok:
        # Failed attempts are logged with no token before the error is raised.
        self.backend.insert_login_attempt(username, None)
        raise errors.InvalidLogin()

    # NOTE(review): this value is the bearer credential for the session;
    # confirm utils.generate_uuid() draws from a cryptographically secure
    # random source.
    session_token = utils.generate_uuid()
    self.backend.insert_login_attempt(username, session_token)
    self.backend.create_session(session_token, username)
    return session_token
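async def logout(self, request):
    """Revoke the caller's token by adding it to ``self.EXPIRED_TOKENS``.

    The value stored is the raw ``Authorization`` header of the request.

    Returns:
        A JSON response ``{"disconnected": True}``.

    Raises:
        errors.Unauthorized: if the request carries no identity.
    """
    # Identity test instead of ``!= None``, which defers to the object's
    # own __eq__/__ne__ implementation.
    if request.id is None:
        raise errors.Unauthorized("A valid token is required")

    token = request.headers.get("Authorization")
    # Record only a real header value; a missing header previously put
    # None into the revocation set.
    if token is not None:
        self.EXPIRED_TOKENS.add(token)
    # NOTE(review): entries are only ever added here. Confirm they are
    # pruned once the token would have expired anyway, that the set
    # survives a restart if revocation must, and that the check on incoming
    # requests compares against the identical header string.
    return web.json_response({"disconnected": True})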