示例#1
0
    def post(self):
        """
        login

        Endpoint used for requesting JWT token via a username and password
        """
        if not request.is_json:
            api.abort(400, "Missing JSON in request")

        username = request.json.get("username", None)
        password = request.json.get("password", None)
        if not username:
            api.abort(400, "Missing username parameter in request body")
        if not password:
            api.abort(400, "Missing password parameter in request body")

        user = User.get(username, auth_handler)

        if user is None:
            api.abort(400, "Bad username or password")

        if user is not None and user.authenticate(password):
            access_token = create_access_token(
                identity="user_{}".format(user.id))

            access_jti = get_jti(encoded_token=access_token)

            token_blacklist.set(access_jti, "false", ACCESS_EXPIRES * 1.2)

            ret = {"access_token": access_token}

            return ret

        else:
            api.abort(400, "Bad username or password")
示例#2
0
def callback():
    # Get authorization code IDP sent back
    form = LoginForm()
    try:
        code = request.args.get("code")
        idp_provider_cfg = get_idp_provider_cfg()
        token_endpoint = idp_provider_cfg["token_endpoint"]
        # Request to get tokens from IDP
        token_url, headers, body = oidcClient.prepare_token_request(
            token_endpoint,
            authorization_response=request.url,
            redirect_url=request.base_url,
            code=code,
        )
        with get_session() as session:
            token_response = session.post(
                token_url,
                headers=headers,
                data=body,
                auth=(config.getClientID(), config.getClientSecret()),
                verify=config.useSSLVerify(),
            )

        # Parse the tokens!
        oidcClient.parse_request_body_response(
            json.dumps(token_response.json()))
        # find and hit the userinfo endpoint
        # from IDP that gives user's profile information,
        # including their preferred username -
        userinfo_endpoint = idp_provider_cfg["userinfo_endpoint"]
        uri, headers, body = oidcClient.add_token(userinfo_endpoint)

        with get_session() as session:
            userinfo_response = session.get(uri,
                                            headers=headers,
                                            data=body,
                                            verify=config.useSSLVerify())

        # Login the user
        preferred_username = userinfo_response.json()["preferred_username"]
        if preferred_username:
            person = User.get(preferred_username, auth_handler)
            defaultFilters.update({
                "blacklistSelect": "on",
                "whitelistSelect": "on",
                "unlistedSelect": "show",
            })
            login_user(person)
            return redirect(url_for("admin.admin_home"))
        else:
            return render_template("login.html",
                                   form=form,
                                   status="auth_again",
                                   show_oidc=config.useOIDC())
    except Exception as err:
        logger.error(f"****OIDC callback exception***** --> {err}")
        return render_template("login.html",
                               form=form,
                               status="auth_again",
                               show_oidc=config.useOIDC())
示例#3
0
def login():

    form = LoginForm()

    if current_user.is_authenticated:
        return redirect(url_for("home.index"))

    if not config.loginRequired():
        person = User.get("_dummy_", auth_handler)
        defaultFilters.update({
            "blacklistSelect": "on",
            "whitelistSelect": "on",
            "unlistedSelect": "show"
        })
        login_user(person)

        return redirect(url_for("admin.admin_home"))

    if form.validate_on_submit():

        # validate username and password
        username = request.form.get("username")
        password = request.form.get("password")
        person = User.get(username, auth_handler)
        if person and person.authenticate(password):
            defaultFilters.update({
                "blacklistSelect": "on",
                "whitelistSelect": "on",
                "unlistedSelect": "show",
            })
            login_user(person)
            return redirect(url_for("admin.admin_home"))
        else:
            return render_template(
                "login.html",
                form=form,
                status="wrong_user_pass",
                show_oidc=config.useOIDC(),
            )
    else:
        return render_template("login.html",
                               form=form,
                               show_oidc=config.useOIDC())
示例#4
0
def admin():
    status = ["default", "none"]
    if Configuration.loginRequired():
        if not current_user.is_authenticated():
            return render_template('login.html', status=status)
        else:
            return render_template('admin.html', status=status, stats=adminStats())
    else:
        person = User.get("_dummy_")
        login_user(person)
        return render_template('admin.html', status=status, stats=adminStats())
示例#5
0
def admin():
    status = ["default", "none"]
    if Configuration.loginRequired():
        if not current_user.is_authenticated():
            return render_template('login.html', status=status)
        else:
            return render_template('admin.html', status=status, stats=adminStats())
    else:
        person = User.get("_dummy_")
        login_user(person)
        return render_template('admin.html', status=status, stats=adminStats())
示例#6
0
def login_check():
    # validate username and password
    username = request.form.get('username')
    password = request.form.get('password')
    person = User.get(username)
    try:
        if person and pbkdf2_sha256.verify(password, person.password):
            login_user(person)
            return render_template('admin.html', status=["logged_in", "success"], stats=adminStats())
        else:
            return render_template('login.html', status=["wrong_combination", "warning"])
    except:
        return render_template('login.html', status=["outdated_database", "error"])
示例#7
0
def login_check():
    # validate username and password
    username = request.form.get('username')
    password = request.form.get('password')
    person = User.get(username)
    try:
        if person and pbkdf2_sha256.verify(password, person.password):
            login_user(person)
            return render_template('admin.html', status="logged_in", **adminInfo())
        else:
            return render_template('login.html', status="wrong_user_pass")
    except:
        return render_template('login.html', status="outdated_database")
示例#8
0
def login_check():
    # validate username and password
    username = request.form.get('username')
    password = request.form.get('password')
    person = User.get(username)
    try:
        if person and pbkdf2_sha256.verify(password, person.password):
            login_user(person)
            return render_template('admin.html', status="logged_in", **adminInfo())
        else:
            return render_template('login.html', status="wrong_user_pass")
    except:
        return render_template('login.html', status="outdated_database")
示例#9
0
def login_check():
    # validate username and password
    username = request.form.get('username')
    password = request.form.get('password')
    person = User.get(username)
    try:
        if person and pbkdf2_sha256.verify(password, person.password):
            login_user(person)
            return render_template('admin.html', status=["logged_in", "success"], stats=adminStats())
        else:
            return render_template('login.html', status=["wrong_combination", "warning"])
    except:
        return render_template('login.html', status=["outdated_database", "error"])
示例#10
0
def admin():
    if Configuration.loginRequired():
        if not current_user.is_authenticated():
            return render_template('login.html')
    else:
        person = User.get("_dummy_")
        login_user(person)
    output = None
    if os.path.isfile(Configuration.getUpdateLogFile()):
        with open(Configuration.getUpdateLogFile()) as updateFile:
            separator="==========================\n"
            output=updateFile.read().split(separator)[-2:]
            output=separator+separator.join(output)
    return render_template('admin.html', status="default", stats=adminStats(), updateOutput=filterUpdateField(output))
示例#11
0
 def login_check(self):
   # validate username and password
   username = request.form.get('username')
   password = request.form.get('password')
   person = User.get(username, self.auth_handler)
   try:
     if person and person.authenticate(password):
       login_user(person)
       return render_template('admin.html', status="logged_in", **self.adminInfo())
     else:
       return render_template('login.html', status="wrong_user_pass")
   except Exception as e:
     print(e)
     return render_template('login.html', status="outdated_database")
示例#12
0
 def login_check(self):
     # validate username and password
     username = request.form.get('username')
     password = request.form.get('password')
     person = User.get(username, self.auth_handler)
     try:
         if person and person.authenticate(password):
             login_user(person)
             return redirect('admin')
         else:
             return render_template('login.html', status="wrong_user_pass")
     except Exception as e:
         print(e)
         return render_template('login.html', status="outdated_database")
示例#13
0
def admin():
    if Configuration.loginRequired():
        if not current_user.is_authenticated():
            return render_template('login.html')
    else:
        person = User.get("_dummy_", auth_handler)
        login_user(person)
    output = None
    if os.path.isfile(Configuration.getUpdateLogFile()):
        with open(Configuration.getUpdateLogFile()) as updateFile:
            separator = "==========================\n"
            output = updateFile.read().split(separator)[-2:]
            output = separator + separator.join(output)
    return render_template('admin.html', status="default", **adminInfo(output))
示例#14
0
 def login_check(self):
     # validate username and password
     username = request.form.get("username")
     password = request.form.get("password")
     person = User.get(username, self.auth_handler)
     try:
         if person and person.authenticate(password):
             login_user(person)
             return render_template("admin.html",
                                    status="logged_in",
                                    **self.adminInfo())
         else:
             return render_template("login.html", status="wrong_user_pass")
     except Exception as e:
         print(e)
         return render_template("login.html", status="outdated_database")
示例#15
0
def admin():
    status = ["default", "none"]
    if Configuration.loginRequired():
        if not current_user.is_authenticated():
            return render_template('login.html', status=status)
    else:
        person = User.get("_dummy_")
        login_user(person)
    output = None
    if os.path.isfile(Configuration.getUpdateLogFile()):
        with open(Configuration.getUpdateLogFile()) as updateFile:
            separator = "==========================\n"
            output = updateFile.read().split(separator)[-2:]
            output = separator + separator.join(output)
    return render_template('admin.html',
                           status=status,
                           stats=adminStats(),
                           updateOutput=filterUpdateField(output))
示例#16
0
 def admin(self):
     if Configuration.loginRequired():
         if not current_user.is_authenticated():
             return render_template('login.html')
     else:
         person = User.get("_dummy_", self.auth_handler)
         login_user(person)
     output = None
     master = db.isMasterAccount(current_user.get_id())
     checked = ct.checkCronJobExists('cve_search')
     if os.path.isfile(Configuration.getUpdateLogFile()):
         with open(Configuration.getUpdateLogFile()) as updateFile:
             separator = "==========================\n"
             output = updateFile.read().split(separator)[-2:]
             output = separator + separator.join(output)
     return render_template('admin.html',
                            status="default",
                            master=master,
                            checked=checked,
                            **self.adminInfo(output))
示例#17
0
def load_user(id):
    return User.get(id)
示例#18
0
 def load_user(self, id):
     return User.get(id, self.auth_handler)
示例#19
0
def load_user(id):
    return User.get(id, auth_handler)
示例#20
0
 def load_user(self, id):
   return User.get(id, self.auth_handler)
示例#21
0
def load_user(id):
    return User.get(id)
示例#22
0
def load_user(id):
    return User.get(id, auth_handler)