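def _secrets_match(stored, supplied):
    """Compare two credential values without an early exit on the first differing character.

    Text values are compared with ``hmac.compare_digest`` so the comparison
    time does not depend on how long a common prefix the two values share.
    Any other type falls back to ``==``, which is what the code used before.
    """
    import hmac

    if isinstance(stored, str) and isinstance(supplied, str):
        # compare_digest rejects non-ASCII str, so compare the encoded bytes.
        # "surrogatepass" keeps odd JSON input from raising during encoding.
        return hmac.compare_digest(
            stored.encode("utf-8", "surrogatepass"),
            supplied.encode("utf-8", "surrogatepass"),
        )
    return stored == supplied


def auth_by_mail(session: helpers.extend.session, response, mail,
                 passcode=None, captcha=None, api_key=None):
    """Authenticate the user registered under *mail* and return their key.

    Three paths are tried in order, and the first one whose credential is
    present decides the outcome:

    1. ``api_key``: accepted if it matches one of the user's stored keys.
    2. ``passcode``: requires a passing captcha check, then a match against
       the user's stored passcode. The passcode is cleared on success and a
       freshly generated key is issued.
    3. Neither supplied: a user whose mail is not yet verified receives a
       key without presenting any credential.

    Returns ``user_with_key(...)`` on success, otherwise the result of
    ``helpers.response.error`` with HTTP 400 (invalid mail, unknown user,
    failed captcha) or HTTP 401 (wrong or missing credential).
    """
    if not helpers.is_mail(mail):
        return helpers.response.error("user_mail_invalid", falcon.HTTP_400)

    try:
        query = session.query(User).filter(User.mail == mail)
        requested_user = query.one()
        new_key = helpers.make_key()

        # Standard api_key authorization
        if api_key:
            if any(_secrets_match(stored.api_key, api_key)
                   for stored in requested_user.api_keys):
                return user_with_key(requested_user, api_key)
            return helpers.response.error("API key authentication_failed",
                                          falcon.HTTP_401)

        # Passcode verification
        elif passcode:
            # The captcha is the only throttle on passcode guessing visible in
            # this function.
            # NOTE(review): confirm attempts are also rate-limited or the
            # passcode expires elsewhere.
            if not helpers.authentication.check_captcha(captcha):
                return helpers.response.error("captcha_verification_failure",
                                              falcon.HTTP_400)

            # A consumed passcode is stored as None; the `elif passcode` guard
            # above ensures an empty request value can never match it.
            if _secrets_match(requested_user.passcode, passcode):
                # Consume passcode so it cannot be replayed
                requested_user.passcode = None

                if requested_user.is_mail_verified:
                    # Mail already verified: add a key next to the existing ones
                    requested_user.api_keys.append(
                        ApiKey(user=requested_user, api_key=new_key))
                else:
                    # First verification: mark the mail as verified and replace
                    # every earlier key, including any key handed out by the
                    # unauthenticated branch below.
                    requested_user.is_mail_verified = True
                    requested_user.api_keys = [
                        ApiKey(user=requested_user, api_key=new_key)
                    ]
                return user_with_key(requested_user, new_key)

            return helpers.response.error("Passcode authentication_failed",
                                          falcon.HTTP_401)

        # Exploration account
        # NOTE(review): this branch returns a usable key to anyone who knows
        # the address of an unverified account, with no passcode, captcha or
        # existing key. Presumably intended; confirm that keys of unverified
        # users are limited in what they can access.
        elif not requested_user.is_mail_verified:
            if not requested_user.api_keys:
                # Ensure there is a key
                requested_user.api_keys.append(
                    ApiKey(user=requested_user, api_key=new_key))
            else:
                new_key = requested_user.api_keys[0].api_key
            return user_with_key(requested_user, new_key)

        # Everything failed. The message text is misspelled but is kept
        # unchanged because clients may match on it.
        return helpers.response.error("Auhentication required", falcon.HTTP_401)

    except NoResultFound:
        # NOTE(review): this answer differs from the 401 responses above, so
        # it tells a caller whether an address is registered.
        return helpers.response.error("user_not_found", falcon.HTTP_400)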
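def register():
    '''
    Register a new user and then generate an API Key for it.

    Reads ``username`` and ``password`` from the JSON request body.
    Returns JSON-encoded username and API Key with status 201.
    Aborts with 400 when the body is not a JSON object or either field is
    empty, and with 409 when User.create raises IntegrityError.
    '''
    # Imported locally because the module's import block is not shown here.
    import binascii
    import os

    reqjson = request.get_json()
    # A missing or non-object body would fail on .get() below and become a 500.
    if not isinstance(reqjson, dict):
        abort(400)

    username = reqjson.get('username', '')
    password = reqjson.get('password', '')
    if not username or not password:
        # NOTE(review): username is caller-controlled and logged as received.
        logging.debug('Denying access for username of %s', username)
        abort(400)

    try:
        # NOTE(review): the password is handed to the model as received;
        # whether User.create hashes it is not visible here. Confirm it is
        # stored with a password hash rather than in plain text.
        user = User.create(username=username, password=password)
    except IntegrityError:
        # The exception was previously passed as a stray format argument,
        # which breaks the log record; exc_info attaches it properly.
        logging.error('unable to register user with username %s', username,
                      exc_info=True)
        abort(409)

    # The key comes from the OS CSPRNG. Deriving it from username, password,
    # a microsecond counter and a static salt makes it predictable and turns
    # every issued key into an offline guessing oracle for the password.
    # 20 random bytes give the same 40-hex-character shape as a SHA-1 digest.
    new_key = binascii.hexlify(os.urandom(20)).decode('ascii')
    apikey = ApiKey.create(owner=user.id, key=new_key)

    logging.warning('registered user with username %s', username)
    return jsonify({'username': user.username, 'apikey': apikey.key}), 201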
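def generate_key():
    '''
    Generate a new key for user.

    Reads ``username`` and ``password`` from the JSON request body.
    Returns JSON-encoded username and API Key with status 201.
    Aborts with 400 when the body is not a JSON object, and with 403 both
    for an unknown username and for a password mismatch.
    '''
    # Imported locally because the module's import block is not shown here.
    import binascii
    import os

    reqjson = request.get_json()
    # A missing or non-object body would fail on .get() below and become a 500.
    if not isinstance(reqjson, dict):
        abort(400)

    username = reqjson.get('username', '')
    password = reqjson.get('password', '')

    try:
        user = User.get(User.username == username)
    except User.DoesNotExist:
        logging.debug('User does not exist with username of %s', username)
        abort(403)

    # NOTE(review): the stored value is compared directly with the submitted
    # password, which suggests passwords are kept in plain text. Confirm, and
    # prefer verifying against a salted password hash.
    if user.password != password:
        logging.debug(
            'Unable to authenticate user to generate API Key for username %s',
            username)
        abort(403)

    # The key comes from the OS CSPRNG. Hashing username, password, a
    # microsecond counter and a static salt makes it predictable and lets a
    # leaked key be used to guess the password offline.
    # 20 random bytes give the same 40-hex-character shape as a SHA-1 digest.
    new_key = binascii.hexlify(os.urandom(20)).decode('ascii')
    apikey = ApiKey.create(owner=user.id, key=new_key)
    return jsonify({'username': user.username, 'apikey': apikey.key}), 201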
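def generate_key():
    '''
    Generate a new key for user.

    The caller supplies ``username`` and ``password`` in the JSON request
    body. Returns JSON-encoded username and API Key with status 201.
    A body that is not a JSON object aborts with 400; an unknown username
    and a wrong password both abort with 403, so the two cases look the
    same to the caller.
    '''
    # Imported locally because the module's import block is not shown here.
    import binascii
    import os

    reqjson = request.get_json()
    if not isinstance(reqjson, dict):
        # Without this guard .get() on None or a list raises and yields a 500.
        abort(400)

    username = reqjson.get('username', '')
    password = reqjson.get('password', '')

    try:
        user = User.get(User.username == username)
    except User.DoesNotExist:
        logging.debug('User does not exist with username of %s', username)
        abort(403)

    if user.password == password:
        # Random key from the OS CSPRNG instead of a SHA-1 over username,
        # password, microseconds and a static salt: the derived form is
        # guessable and ties every issued key to the user's password.
        # 20 random bytes keep the 40-hex-character length of a SHA-1 digest.
        new_key = binascii.hexlify(os.urandom(20)).decode('ascii')
        apikey = ApiKey.create(owner=user.id, key=new_key)
        return jsonify({'username': user.username, 'apikey': apikey.key}), 201
    else:
        # NOTE(review): the check above compares the stored value with the
        # submitted password as-is, which suggests plain-text storage.
        # Confirm, and move to verification against a salted password hash.
        logging.debug(
            'Unable to authenticate user to generate API Key for username %s',
            username)
        abort(403)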