def get_user(cookies): if 'auth_token' not in cookies: return None username = unsign_auth_token(cookies['auth_token']) url = '%s/api/%s/users/%s' % (USERS_URL, USERS_VERSION, username) r = requests.get(url, cookies=cookies) return r.json()
def is_super_admin(cookies=None): if cookies: if 'auth_token' in cookies: username = unsign_auth_token(cookies['auth_token']) super_user_name = os.environ["AUTH_ADMIN_USER_ID"] if username == super_user_name: return True return False
def get_user_id_for_user(cookies=None): if cookies: if cookies['auth_token']: username = unsign_auth_token(cookies['auth_token']) super_user_name = os.environ["AUTH_ADMIN_USER_ID"] if username != super_user_name: return username return None
def verify_user_role(self, role): auth_token = request.cookies.get("auth_token", None) if auth_token is None: return False username = unsign_auth_token(auth_token) try: user = repo.get_user_by_id(username, request.cookies) return repo.has_role(user, role) except Exception: return False
def get_user(cookies): if 'auth_token' not in cookies: current_app.logger.info('auth_token not found in cookies') return None auth_token = cookies['auth_token'] username = unsign_auth_token(auth_token) if username is None: current_app.logger.info(('auth_token could not be ' 'unsigned: auth_token=%s'), auth_token) return None url = '%s/api/%s/users/%s' % (USERS_URL, USERS_VERSION, username) r = requests.get(url, cookies=cookies) return r.json()
def http_request_logger(app, appName, request): """ :param app: the instance of the flask app for the application where logging is to be done :param appName: the custom name of the app that is doing the logging to easily identify it in the log if it shares log file with other apps :param request: the Flask request """ try: request_data = '' user_info = None g.response_sent = False if request.method != 'GET': if len(request.files) > 0: for key, value in request.files.iteritems(): request_data += " File: " + str(key) + ":" + str(value) + "|" if len(request.form) > 0: for key, value in request.form.iteritems(): request_data += " " + str(key) + ":" + str(value) + "|" if len(request.args) > 0: for key, value in request.args.iteritems(): request_data += " " + str(key) + ":" + str(value) + "|" if request.json: request_data += str(json.dumps(request.json)) if request.cookies: if 'auth_token' in request.cookies: user_info = " " + str(unsign_auth_token(request.cookies['auth_token'])) if not user_info: user_info = "ANONYMOUS USER" g.uuid = uuid.uuid4() app.http_logger.debug("%s HTTP_AUDIT:REQUEST %s %s %s %s %s" % (appName, g.uuid, user_info, request.method, request.url, request_data)) except Exception as e: # Avoid that we get exception in request due to logging, and that it breaks the web app try: app.http_logger.exception("%s HTTP_AUDIT:REQUEST LOG ERROR. An exception occured when attempting to log request." % appName) except Exception: pass
def revoke_credential_from_user(self, credential_id, user_id): # do not allow to revoke oneself! auth_token = request.cookies.get('auth_token', None) if auth_token is None: abort(400, __error__=["Missing parameters or body."]) current_user_id = unsign_auth_token(auth_token) if current_user_id == user_id: abort(403, __error__=["Cannot revoke credentials for oneself."]) user = UserResource.find_by_id(user_id) credential = self.find_by_id(credential_id) user.credentials.remove(credential) current_app.db_session.commit() return credential
def create_ws_sak(application, resource): username = unsign_auth_token(request.cookies['auth_token']) return WSSak(resource_name=resource['name'], saksansvarlig=username)
def get_user_id_from_request(self): if "auth_token" in request.cookies: return unsign_auth_token(request.cookies["auth_token"]) if request.authorization: return request.authorization.username return None
def get_user_id_from_cookies(cookies): if 'auth_token' not in cookies: return None return unsign_auth_token(cookies['auth_token'])