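def post(self):
    """Validate a user token submitted in the ``token`` body argument.

    The token string is parsed with ``TokenValidate.validator``, the owner and
    the token are looked up, and the supplied secret is checked. Each failure
    returns ``self.error`` with a numbered reason. Success returns
    ``self.success`` with the owner's username and the token identity.
    """
    supplied_token = self.get_body_argument("token")
    match = TokenValidate.validator.match(supplied_token)
    if not match:
        return self.error(((1, "Token format not recognized"),))

    # NOTE(review): this session is never closed in this method; confirm it
    # is released elsewhere.
    sess = Session()

    token_name = match.group("token_name")
    token_secret = match.group("token_secret")

    owner = User.get(sess, name=match.group("name"))
    if not owner:
        # Fail closed here instead of relying on how UserToken.get treats a
        # missing owner. Reusing code 2 keeps the response identical for an
        # unknown user and an unknown token.
        return self.error(((2, "Token specified does not exist"),))

    token = UserToken.get(sess, owner, token_name)
    if token is None:
        return self.error(((2, "Token specified does not exist"),))

    # NOTE(review): codes 2-4 tell the caller whether the named token exists
    # and is enabled independently of the secret; confirm that callers of
    # this endpoint are trusted, or collapse the codes.
    if not token.enabled:
        return self.error(((3, "Token is disabled"),))

    # NOTE(review): check_secret is defined elsewhere; confirm it compares
    # in constant time.
    if not token.check_secret(token_secret):
        return self.error(((4, "Token secret mismatch"),))

    return self.success(
        {
            "owner": owner.username,
            "identity": str(token),
            "act_as_owner": True,
            "valid": True,
        }
    )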
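def post(self):
    """Check a token of the form matched by ``TokenValidate.validator``.

    Reads the ``token`` body argument, resolves the owning user and the named
    token, and verifies the secret. Returns ``self.error`` with a
    ``(code, message)`` pair on any failure and ``self.success`` with the
    owner and token identity otherwise.
    """
    supplied_token = self.get_body_argument("token")
    match = TokenValidate.validator.match(supplied_token)
    if not match:
        return self.error(((1, "Token format not recognized"),))

    owner_name = match.group("name")
    token_name = match.group("token_name")
    token_secret = match.group("token_secret")

    # NOTE(review): nothing in this method closes the session; confirm that
    # cleanup happens elsewhere.
    sess = Session()

    owner = User.get(sess, name=owner_name)
    if not owner:
        # An unresolved owner is rejected explicitly so that the result does
        # not depend on UserToken.get's handling of a missing user. The same
        # code as a missing token is used so the two cases look alike.
        return self.error(((2, "Token specified does not exist"),))

    token = UserToken.get(sess, owner, token_name)
    if token is None:
        return self.error(((2, "Token specified does not exist"),))

    # NOTE(review): the "disabled" and "secret mismatch" codes are reported
    # separately from "does not exist", which lets a caller learn that a
    # token name is valid without knowing its secret; confirm this is
    # acceptable for the callers of this endpoint.
    if not token.enabled:
        return self.error(((3, "Token is disabled"),))

    # NOTE(review): confirm check_secret (defined elsewhere) compares in
    # constant time.
    if not token.check_secret(token_secret):
        return self.error(((4, "Token secret mismatch"),))

    return self.success(
        {
            "owner": owner.username,
            "identity": str(token),
            "act_as_owner": True,
            "valid": True,
        }
    )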
def get(self, user_id=None, name=None, token_id=None):
    """Render the confirmation page for disabling one of a user's tokens.

    Responds with ``notfound()`` when the user cannot be resolved, and with
    ``forbidden()`` unless the requester is that user or has ``user_admin``.
    """
    target = User.get(self.session, user_id, name)
    if not target:
        return self.notfound()

    # Only the account owner or a user admin may see this page.
    acting_on_self = target.name == self.current_user.name
    if not (acting_on_self or self.current_user.user_admin):
        return self.forbidden()

    # The lookup is passed both the user and the id, so it is presumably
    # scoped to this user's tokens (UserToken.get is defined elsewhere).
    # NOTE(review): the result is not checked before rendering; confirm the
    # template copes with a token_id that resolves to nothing.
    requested_token = UserToken.get(self.session, user=target, id=token_id)
    return self.render(
        "user-token-disable.html", user=target, token=requested_token
    )
def get(self, user_id=None, name=None, token_id=None):
    """Render the confirmation page for disabling one of a user's tokens.

    Responds with ``notfound()`` when the user cannot be resolved, and with
    ``forbidden()`` when ``check_access`` rejects the current user.
    """
    target = User.get(self.session, user_id, name)
    if not target:
        return self.notfound()

    # Authorization is delegated to check_access, which is defined elsewhere.
    allowed = self.check_access(self.session, self.current_user, target)
    if not allowed:
        return self.forbidden()

    # NOTE(review): the lookup result is rendered without a None check;
    # confirm the template copes with a token_id that resolves to nothing
    # for this user.
    requested_token = UserToken.get(self.session, user=target, id=token_id)
    return self.render(
        "user-token-disable.html", user=target, token=requested_token
    )
def get(self, *args: Any, **kwargs: Any) -> None:
    """Render the confirmation page for disabling one of a user's tokens.

    The user name and token id are read from the request path. Responds with
    ``notfound()`` for an unknown user and with ``forbidden()`` when
    ``check_access`` rejects the current user.
    """
    requested_name = self.get_path_argument("name")
    # NOTE(review): int() raises ValueError on a non-numeric value;
    # presumably the route pattern only admits digits. Confirm.
    requested_token_id = int(self.get_path_argument("token_id"))

    target = User.get(self.session, name=requested_name)
    if not target:
        return self.notfound()

    allowed = self.check_access(self.session, self.current_user, target)
    if not allowed:
        return self.forbidden()

    # NOTE(review): the lookup result is rendered without a None check;
    # confirm the template copes with an id that resolves to nothing for
    # this user.
    requested_token = UserToken.get(
        self.session, user=target, id=requested_token_id
    )
    return self.render(
        "user-token-disable.html", user=target, token=requested_token
    )
def test_usertokens(standard_graph, session, users, groups, permissions):  # noqa: F811
    """Exercise the user-token lifecycle: create, verify the secret, disable."""
    # NOTE(review): this key looks like an e-mail address that was redacted
    # on the page; the real fixture key is not visible here.
    owner = users["*****@*****.**"]
    assert len(owner.tokens) == 0

    new_token, plaintext_secret = add_new_user_token(
        session, UserToken(user=owner, name="Foo")
    )
    assert len(owner.tokens) == 1

    # A fresh token accepts its own secret and rejects any other value.
    assert new_token.check_secret(plaintext_secret)
    assert new_token.check_secret("invalid") == False
    assert new_token.enabled == True

    disable_user_token(session, new_token)

    # The disabled state is visible on the object, through the relationship,
    # and through a fresh lookup by name.
    assert new_token.enabled == False
    assert owner.tokens[0].enabled == False
    assert UserToken.get(session, name="Foo", user=owner).enabled == False

    # Once disabled, the token must not verify even with the correct secret.
    assert new_token.check_secret(plaintext_secret) == False
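def post(self, user_id=None, name=None, token_id=None):
    """Disable one of a user's tokens and record the action in the audit log.

    Responds with ``notfound()`` when the user or the token cannot be
    resolved, and with ``forbidden()`` unless the requester is that user or
    has ``user_admin``.
    """
    user = User.get(self.session, user_id, name)
    if not user:
        return self.notfound()

    # Only the account owner or a user admin may disable the token.
    if (user.name != self.current_user.name) and not self.current_user.user_admin:
        return self.forbidden()

    token = UserToken.get(self.session, user=user, id=token_id)
    if token is None:
        # token_id comes from the request. Without this guard an id that
        # does not resolve for this user reaches token.name below and fails
        # with AttributeError instead of a clean 404.
        return self.notfound()

    # The disable and the audit entry are both issued against self.session
    # before the single commit below.
    disable_user_token(self.session, token)
    AuditLog.log(
        self.session,
        self.current_user.id,
        'disable_token',
        'Disabled token: {}'.format(token.name),
        on_user_id=user.id,
    )
    self.session.commit()

    return self.render("user-token-disabled.html", token=token)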
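def post(self, user_id=None, name=None, token_id=None):
    """Disable one of a user's tokens and record the action in the audit log.

    Responds with ``notfound()`` when the user or the token cannot be
    resolved, and with ``forbidden()`` when ``check_access`` rejects the
    current user.
    """
    user = User.get(self.session, user_id, name)
    if not user:
        return self.notfound()

    # Authorization is delegated to check_access, which is defined elsewhere.
    if not self.check_access(self.session, self.current_user, user):
        return self.forbidden()

    token = UserToken.get(self.session, user=user, id=token_id)
    if token is None:
        # token_id comes from the request. Without this guard an id that
        # does not resolve for this user reaches token.name below and fails
        # with AttributeError instead of a clean 404.
        return self.notfound()

    # The disable and the audit entry are both issued against self.session
    # before the single commit below.
    disable_user_token(self.session, token)
    AuditLog.log(
        self.session,
        self.current_user.id,
        'disable_token',
        'Disabled token: {}'.format(token.name),
        on_user_id=user.id,
    )
    self.session.commit()

    return self.render("user-token-disabled.html", token=token)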
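def post(self, user_id=None, name=None, token_id=None):
    """Disable one of a user's tokens and write an audit-log entry for it.

    Responds with ``notfound()`` when the user or the token cannot be
    resolved, and with ``forbidden()`` when ``check_access`` rejects the
    current user.
    """
    user = User.get(self.session, user_id, name)
    if not user:
        return self.notfound()

    # Authorization is delegated to check_access, which is defined elsewhere.
    if not self.check_access(self.session, self.current_user, user):
        return self.forbidden()

    token = UserToken.get(self.session, user=user, id=token_id)
    if token is None:
        # A request-supplied id that matches no token of this user would
        # otherwise be dereferenced as token.name below and raise
        # AttributeError. Answer with 404 instead.
        return self.notfound()

    # The audit entry names the acting user (current_user.id) and the
    # affected user (on_user_id). It is added to the same session as the
    # disable, ahead of the commit.
    disable_user_token(self.session, token)
    AuditLog.log(
        self.session,
        self.current_user.id,
        "disable_token",
        "Disabled token: {}".format(token.name),
        on_user_id=user.id,
    )
    self.session.commit()

    return self.render("user-token-disabled.html", token=token)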
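def post(self, *args: Any, **kwargs: Any) -> None:
    """Disable one of a user's tokens and write an audit-log entry for it.

    The user name and token id are read from the request path. Responds with
    ``notfound()`` when the user or the token cannot be resolved, and with
    ``forbidden()`` when ``check_access`` rejects the current user.
    """
    name = self.get_path_argument("name")
    # NOTE(review): int() raises ValueError on a non-numeric value;
    # presumably the route pattern only admits digits. Confirm.
    token_id = int(self.get_path_argument("token_id"))

    user = User.get(self.session, name=name)
    if not user:
        return self.notfound()

    # Authorization is delegated to check_access, which is defined elsewhere.
    if not self.check_access(self.session, self.current_user, user):
        return self.forbidden()

    token = UserToken.get(self.session, user=user, id=token_id)
    if token is None:
        # A path-supplied id that matches no token of this user would
        # otherwise be dereferenced as token.name below and raise
        # AttributeError. Answer with 404 instead.
        return self.notfound()

    # The audit entry names the acting user (current_user.id) and the
    # affected user (on_user_id). It is added to the same session as the
    # disable, ahead of the commit.
    disable_user_token(self.session, token)
    AuditLog.log(
        self.session,
        self.current_user.id,
        "disable_token",
        "Disabled token: {}".format(token.name),
        on_user_id=user.id,
    )
    self.session.commit()

    return self.render("user-token-disabled.html", token=token)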