def auth_creds(cls, username, password): """ Validate a username & password A token is returned if auth is successful & can be used to authorize future requests or ignored entirely if the authorization mechanizm does not need it. :return: string token """ store = goldman.sess.store login = store.find(cls.RTYPE, 'username', username) if not login: msg = 'No login found by that username. Spelling error?' raise AuthRejected(**{'detail': msg}) elif login.locked: msg = 'The login account is currently locked out.' raise AuthRejected(**{'detail': msg}) elif not cmp_val_salt_hash(password, login.salt, login.password): msg = 'The password provided is incorrect. Spelling error?' raise AuthRejected(**{'detail': msg}) else: if not login.token: login.token = random_str() login.post_authenticate() return login.token
def pre_create(sender, model): """ Callback before creating a new login Without a password during create we are forced to set the password to something random & complex. """ if isinstance(model, Model) and not model.password: model.password = random_str()
def __init__(self, **kwargs): super(APIException, self).__init__() kwargs['id'] = kwargs.get('id', random_str()) kwargs['links'] = {'about': kwargs.get('links', '')} kwargs['detail'] = kwargs.get('detail', '') self.data = kwargs