class AuthController(object): def __init__(self, auth): self.auth = auth def check_auth(self, func): @wraps(func) def wrapper(*args, **kwargs): try: if not self.auth_required(): logging.warn('Authentication is not required') else: logging.info('Authentication checking started') user = self.auth.authenticated_user(request) if not user: logging.info('Authentication checking failed') raise AuthenticationError(url=self.auth.login_url) logging.info( 'Authentication checking passed, user data: {0}'. format(user)) if not self.is_authorized(user): login = self.auth.user_login(user) logging.info( 'User {0} is not authorized'.format(login)) raise AuthorizationError(login=login) res = func(*args, **kwargs) except AuthError: raise except Exception as e: logging.error(e) raise return res return wrapper CONFIG_USERS = config.get('auth', {}).get('users', []) AUTHORIZED_USERS = (CONFIG_USERS if CONFIG_USERS and not '*' in CONFIG_USERS else []) def auth_required(self): return self.AUTHORIZED_USERS def is_authorized(self, user): if not self.AUTHORIZED_USERS: return True return self.auth.user_login(user) in self.AUTHORIZED_USERS
def json_group_info(group_id): try: resp = cocaine_request( 'get_couple_statistics', msgpack.packb([int(group_id)]) ) return resp except Exception as e: logging.error(e) logging.error(traceback.format_exc()) raise STATE_URL_TPL = 'http://{host}:{port}/command/status/{uid}/' MINIONS_CFG = config.get('minions', {}) @app.route('/json/commands/status/<uid>/') @json_response def json_command_status(uid): resp = cocaine_request( 'get_command', msgpack.packb([uid.encode('utf-8')]) ) resp = mastermind_response(resp) url = STATE_URL_TPL.format( host=resp['host'], port=MINIONS_CFG.get('port', 8081), uid=uid,
if CONFIG_USERS and not '*' in CONFIG_USERS else []) def auth_required(self): return self.AUTHORIZED_USERS def is_authorized(self, user): if not self.AUTHORIZED_USERS: return True return self.auth.user_login(user) in self.AUTHORIZED_USERS class FakeAuth(object): def __init__(self, **kwargs): pass def authenticated_user(self, request): return {'login': '******'} @property def login_url(self): return 'http://fake-url.com' def user_login(self, user): return user['login'] config_auth_class = config.get('auth', {}).get('class') Auth = config_auth_class and import_object(config_auth_class) or FakeAuth auth_controller = AuthController(Auth(logger=logging))
[]) def auth_required(self): return self.AUTHORIZED_USERS def is_authorized(self, user): if not self.AUTHORIZED_USERS: return True return self.auth.user_login(user) in self.AUTHORIZED_USERS class FakeAuth(object): def __init__(self, **kwargs): pass def authenticated_user(self, request): return {'login': '******'} @property def login_url(self): return 'http://fake-url.com' def user_login(self, user): return user['login'] config_auth_class = config.get('auth', {}).get('class') Auth = config_auth_class and import_object(config_auth_class) or FakeAuth auth_controller = AuthController(Auth(logger=logging))