def _raise_timeout(user_id):
    """Log a throttled login attempt and reject it with HTTP 403.

    The wait reported to the client is 30 seconds for every recorded
    failure beyond the second one.
    """
    # NOTE(review): `user_id` is never read. The counter is looked up through
    # `user_ip_sid`, and `self`, `code`, `params` and `method` are also taken
    # from outside this function - presumably an enclosing scope; confirm.
    failures = self.failed_logins[user_ip_sid]["count"]
    wait_seconds = 30 * (failures - 2)
    error = UnauthorizedError("WOKAUTH0004E", {"seconds": wait_seconds})
    log_request(code, params, error, method, 403)
    raise cherrypy.HTTPError(403, error.message)
def _raise_timeout(user_id):
    """Reject a throttled login attempt with HTTP 403 after logging it.

    The number of seconds reported grows by 30 for each failure recorded
    past the second.
    """
    # NOTE(review): the `user_id` argument is unused; the lookup key
    # `user_ip_sid` and the names `self`, `code`, `params`, `method` are not
    # defined here - presumably they come from an enclosing scope; confirm.
    failure_count = self.failed_logins[user_ip_sid]['count']
    seconds_left = 30 * (failure_count - 2)
    error = UnauthorizedError('WOKAUTH0004E', {'seconds': seconds_left})
    log_request(code, params, error, method, 403)
    raise cherrypy.HTTPError(403, str(error))
def _log(self, code, status, exception=None):
    """Write a request-log entry for this object's target URI.

    Args:
        code: message code forwarded to log_request.
        status: status value recorded with the entry.
        exception: optional exception recorded as the entry's details.
    """
    logged_params = {'target_uri': self.target_uri}
    # user and ip are passed as empty strings, so the entry carries no
    # caller identity.
    log_request(
        code,
        logged_params,
        exception,
        ASYNCTASK_REQUEST_METHOD,
        status,
        app=self.app,
        user='',
        ip='',
    )
def logout(self):
    """Log the current user out and record the request.

    Returns:
        The string '{}'.
    """
    http_method = 'POST'
    message_code = self.getRequestMessage(http_method, 'logout')
    # The user name is read from the session before auth.logout() runs;
    # presumably logout clears the session - confirm. 'N/A' is logged when
    # the session holds no user name.
    session_user = cherrypy.session.get(auth.USER_NAME, 'N/A')
    logged_params = {'username': session_user}
    auth.logout()
    log_request(
        message_code, logged_params, None, http_method, 200,
        user=logged_params['username'],
    )
    return '{}'
def _log(self, code, status, exception=None):
    """Record a request-log entry that names only the target URI.

    Args:
        code: message code passed through to log_request.
        status: status value stored with the entry.
        exception: optional exception stored as the entry's details.
    """
    # The entry is written with empty user and ip fields.
    identity = {'user': '', 'ip': ''}
    entry_params = {'target_uri': self.target_uri}
    log_request(
        code, entry_params, exception, ASYNCTASK_REQUEST_METHOD, status,
        app=self.app, **identity
    )
def login(self, *args):
    """Read the login credentials from the request body.

    Only the parameter-parsing part of the handler is shown in this excerpt;
    `username` and `password` are extracted but not used within it.

    Raises:
        cherrypy.HTTPError: 400 when a required key is missing.
    """
    details = None
    method = 'POST'
    code = self.getRequestMessage(method, 'login')
    try:
        params = parse_request()
        username = params['username']
        password = params['password']
    # Python 2 `except ..., name` syntax; `item` is the KeyError raised for
    # the missing key.
    except KeyError, item:
        details = e = MissingParameter('WOKAUTH0003E', {'item': str(item)})
        # NOTE(review): `params` is the raw request body, so it can still
        # hold a submitted password when only another key is missing -
        # confirm log_request does not persist it.
        log_request(code, params, details, method, 400)
        raise cherrypy.HTTPError(400, e.message)
def create(self, params, *args):
    """Start an asynchronous create on the model and answer with its task.

    The response status is set to 202, the request is logged, and the log
    id is associated with the task id before the task is rendered.

    Args:
        params: request parameters, validated against the 'create' schema.
        *args: accepted but not forwarded to the model.

    Raises:
        cherrypy.HTTPError: 405 when the model has no create function.
    """
    try:
        create_fn = getattr(self.model, model_fn(self, 'create'))
    except AttributeError:
        error = InvalidOperation(
            'WOKAPI0005E', {'resource': get_class_name(self)})
        raise cherrypy.HTTPError(405, str(error))

    validate_params(params, self, 'create')
    task = create_fn(*(self.model_args + [params]))
    cherrypy.response.status = 202

    # NOTE(review): the request parameters go into the request log through
    # utf8_dict/log_request; whether sensitive fields are filtered is not
    # visible here.
    http_method = 'POST'
    message_code = self.getRequestMessage(http_method)
    logged_params = utf8_dict(self.log_args, params)
    request_log_id = log_request(
        message_code,
        logged_params,
        None,
        http_method,
        cherrypy.response.status,
        class_name=get_class_name(self),
    )
    save_request_log_id(request_log_id, task['id'])
    return wok.template.render('Task', task)
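def delete(self):
    """Start an asynchronous delete on the model and answer with its task.

    The response status is set to 202, the request is logged, and the log
    id is associated with the task id before the task is rendered.

    Raises:
        cherrypy.HTTPError: 405 when the model has no delete function.
    """
    try:
        fn = getattr(self.model, model_fn(self, 'delete'))
    except AttributeError:
        e = InvalidOperation(
            'WOKAPI0002E', {'resource': get_class_name(self)})
        raise cherrypy.HTTPError(405, str(e))

    # The model call sits outside the try block (as in create) so that an
    # AttributeError raised inside the model is not misreported as
    # "operation not supported" (405).
    task = fn(*self.model_args)
    cherrypy.response.status = 202

    # log request
    method = 'DELETE'
    code = self.getRequestMessage(method)
    reqParams = utf8_dict(self.log_args)
    log_id = log_request(
        code,
        reqParams,
        None,
        method,
        cherrypy.response.status,
        class_name=get_class_name(self),
    )
    save_request_log_id(log_id, task['id'])
    return wok.template.render('Task', task)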
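def wrapper(*args, **kwargs):
    """Handle a POST that invokes a model action and log the outcome.

    `self`, `protected`, `action_name`, `action_args`, `destructive` and
    `render_fn` are not parameters of this function; they are read from
    the surrounding scope.

    The request body is parsed and validated, the resource is looked up,
    authorization is checked, and only then is the model action called.
    The request is logged in every case, with status 500 as the fallback
    for exceptions that are not WokException.

    Raises:
        cherrypy.HTTPError: carrying the WokException's HTTP status.
    """
    if protected:
        wokauth()

    details = None
    # status must always be set so the request can be logged;
    # 500 is the fallback for "exception not handled" cases.
    status = 500
    method = 'POST'
    # Bound before the try block so the logging in `finally` still works
    # when parse_request() itself raises; otherwise the unbound name would
    # replace the original error with an UnboundLocalError.
    request = {}
    validate_method(method, self.admin_methods)
    try:
        request = parse_request()
        validate_params(request, self, action_name)
        self.lookup()
        if not self.is_authorized():
            raise UnauthorizedError('WOKAPI0009E')

        model_args = list(self.model_args)
        if action_args is not None:
            # Missing action arguments are passed to the model as None.
            model_args.extend(
                request[key] if key in request.keys() else None
                for key in action_args
            )

        action_fn = getattr(self.model, model_fn(self, action_name))
        action_result = action_fn(*model_args)
        status = 200

        # A destructive action renders a result only when the resource
        # reports itself as persistent.
        if destructive is False or (
            'persistent' in self.info.keys()
            and self.info['persistent'] is True
        ):
            result = render_fn(self, action_result)
            status = cherrypy.response.status
            return result
    except WokException as e:
        details = e
        status = e.getHttpStatusCode()
        raise cherrypy.HTTPError(status, str(e))
    finally:
        # log request
        code = self.getRequestMessage(method, action_name)
        reqParams = utf8_dict(self.log_args, request)
        log_id = log_request(
            code,
            reqParams,
            details,
            method,
            status,
            class_name=get_class_name(self),
            action_name=action_name,
        )
        # 202 is only reached after the action returned, so action_result
        # is bound here.
        if status == 202:
            save_request_log_id(log_id, action_result['id'])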
def index(self, *args, **kargs):
    """Dispatch GET, DELETE or PUT to the matching handler and log it.

    The resource is looked up and the authorization check runs before the
    handler is called. Logging is skipped for methods listed in
    LOG_DISABLED_METHODS and for status 202.

    Raises:
        cherrypy.HTTPError: for a WokException (with its HTTP status) or
            re-raised unchanged when the handler raised one itself.
    """
    failure = None
    # The status must always be set so that the request can be logged;
    # 500 is the fallback for exceptions not handled below.
    http_status = 500
    method = validate_method(('GET', 'DELETE', 'PUT'), self.admin_methods)
    try:
        self.lookup()
        if not self.is_authorized():
            raise UnauthorizedError('WOKAPI0009E')

        handlers = {
            'GET': self.get,
            'DELETE': self.delete,
            'PUT': self.update,
        }
        result = handlers[method](*args, **kargs)
        http_status = cherrypy.response.status
    except WokException as err:
        failure = err
        http_status = err.getHttpStatusCode()
        raise cherrypy.HTTPError(http_status, str(err))
    except cherrypy.HTTPError as err:
        http_status = err.status
        raise
    finally:
        should_log = (
            method not in LOG_DISABLED_METHODS and http_status != 202
        )
        if should_log:
            log_request(
                self.getRequestMessage(method),
                self.log_args,
                failure,
                method,
                http_status,
                class_name=get_class_name(self),
            )

    return result
def index(self, *args, **kwargs):
    """Serve GET (list) and POST (create) and log the request.

    Logging is skipped for methods listed in LOG_DISABLED_METHODS and for
    status 202.

    Raises:
        cherrypy.HTTPError: for a WokException (with its HTTP status) or
            re-raised unchanged when the handler raised one itself.
    """
    failure = None
    # The status must always be set so that the request can be logged;
    # 500 is the fallback for exceptions not handled below.
    # NOTE(review): the GET branch returns without updating the status, so
    # a logged GET would be recorded as 500 - presumably GET is listed in
    # LOG_DISABLED_METHODS; confirm.
    http_status = 500
    params = {}
    method = validate_method(('GET', 'POST'), self.admin_methods)
    try:
        if method == 'GET':
            params = cherrypy.request.params
            validate_params(params, self, 'get_list')
            return self.get(params)
        if method == 'POST':
            params = parse_request()
            created = self.create(params, *args)
            http_status = cherrypy.response.status
            return created
    except WokException as err:
        failure = err
        http_status = err.getHttpStatusCode()
        raise cherrypy.HTTPError(http_status, str(err))
    except cherrypy.HTTPError as err:
        http_status = err.status
        raise
    finally:
        should_log = (
            method not in LOG_DISABLED_METHODS and http_status != 202
        )
        if should_log:
            logged_params = utf8_dict(self.log_args, params)
            log_request(
                self.getRequestMessage(method),
                logged_params,
                failure,
                method,
                http_status,
                class_name=get_class_name(self),
            )
def login(self, *args):
    """Parse and validate the login request body.

    Only the first part of the handler is shown in this excerpt: the
    nested throttling helper and the parameter parsing. `username` and
    `password` are extracted but not used within it.

    Raises:
        cherrypy.HTTPError: 400 when parsing or validation raises a
            WokException.
    """
    def _raise_timeout(user_id):
        # Logs the attempt with status 403 and rejects it; the reported
        # wait is 30 seconds per recorded failure beyond the second.
        # NOTE(review): `user_id` is unused and `user_ip_sid` is not
        # defined in this excerpt - presumably it is assigned later in
        # login(); confirm.
        length = self.failed_logins[user_ip_sid]["count"]
        timeout = (length - 2) * 30
        details = e = UnauthorizedError("WOKAUTH0004E", {"seconds": timeout})
        log_request(code, params, details, method, 403)
        raise cherrypy.HTTPError(403, e.message)

    details = None
    method = 'POST'
    code = self.getRequestMessage(method, 'login')
    try:
        params = parse_request()
        validate_params(params, self, "login")
        username = params['username']
        password = params['password']
    # Python 2 `except ..., name` syntax.
    except WokException, e:
        # The original exception is replaced by a fixed WOKAUTH0007E error,
        # so the client gets the same message whatever validation failed.
        details = e = OperationFailed("WOKAUTH0007E")
        # `status` is assigned here but the log entry and the response
        # below both use a literal 400.
        status = e.getHttpStatusCode()
        # NOTE(review): `params` is unbound if parse_request() itself
        # raised, and otherwise may still hold the submitted password -
        # confirm log_request does not persist it.
        log_request(code, params, details, method, 400)
        raise cherrypy.HTTPError(400, e.message)
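def delete(self):
    """Start an asynchronous delete on the model and answer with its task.

    The response status is set to 202, the request is logged, and the log
    id is associated with the task id before the task is rendered.

    Raises:
        cherrypy.HTTPError: 405 when the model has no delete function.
    """
    try:
        fn = getattr(self.model, model_fn(self, 'delete'))
    except AttributeError:
        e = InvalidOperation('WOKAPI0002E',
                             {'resource': get_class_name(self)})
        raise cherrypy.HTTPError(405, e.message)

    # The model call sits outside the try block so that an AttributeError
    # raised inside the model is not misreported as "operation not
    # supported" (405).
    task = fn(*self.model_args)
    cherrypy.response.status = 202

    # log request
    method = 'DELETE'
    code = self.getRequestMessage(method)
    reqParams = utf8_dict(self.log_args)
    log_id = log_request(code, reqParams, None, method,
                         cherrypy.response.status)
    save_request_log_id(log_id, task['id'])
    return wok.template.render("Task", task)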
def create(self, params, *args):
    """Start an asynchronous create on the model and answer with its task.

    The response status is set to 202, the request is logged, and the log
    id is associated with the task id before the task is rendered.

    Args:
        params: request parameters, validated against the 'create' schema.
        *args: accepted but not forwarded to the model.

    Raises:
        cherrypy.HTTPError: 405 when the model has no create function.
    """
    try:
        create_fn = getattr(self.model, model_fn(self, 'create'))
    except AttributeError:
        error = InvalidOperation('WOKAPI0005E',
                                 {'resource': get_class_name(self)})
        raise cherrypy.HTTPError(405, error.message)

    validate_params(params, self, 'create')
    task = create_fn(*(self.model_args + [params]))
    cherrypy.response.status = 202

    # NOTE(review): the request parameters go into the request log through
    # utf8_dict/log_request; whether sensitive fields are filtered is not
    # visible here.
    http_method = 'POST'
    message_code = self.getRequestMessage(http_method)
    logged_params = utf8_dict(self.log_args, params)
    request_log_id = log_request(message_code, logged_params, None,
                                 http_method, cherrypy.response.status)
    save_request_log_id(request_log_id, task['id'])
    return wok.template.render("Task", task)
result = render_fn(self, action_result) status = cherrypy.response.status return result except WokException, e: details = e status = e.getHttpStatusCode() raise cherrypy.HTTPError(status, e.message) finally: # log request code = self.getRequestMessage(method, action_name) reqParams = utf8_dict(self.log_args, request) log_id = log_request(code, reqParams, details, method, status, class_name=get_class_name(self), action_name=action_name) if status == 202: save_request_log_id(log_id, action_result['id']) wrapper.__name__ = action_name wrapper.exposed = True return wrapper def lookup(self): try: lookup = getattr(self.model, model_fn(self, 'lookup')) self.info = lookup(*self.model_args) except AttributeError:
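def login(self, *args):
    """Authenticate the POSTed credentials and throttle repeated failures.

    Failed attempts are counted per key built from user name, remote IP
    and session id. From the third counted failure on, further attempts
    are rejected with 403 until a wait of 30 seconds per failure beyond
    the second has passed. Every attempt is written to the request log.

    Returns:
        The user information returned by auth.login, as a JSON string.

    Raises:
        cherrypy.HTTPError: 400 for an invalid request body, 401 for
            rejected credentials, 403 while the throttle is active.
    """
    def _raise_timeout(user_id):
        # Log the throttled attempt and reject it; the wait reported is
        # 30 seconds per recorded failure beyond the second.
        length = self.failed_logins[user_id]['count']
        timeout = (length - 2) * 30
        details = e = UnauthorizedError(
            'WOKAUTH0004E', {'seconds': timeout})
        log_request(code, params, details, method, 403)
        raise cherrypy.HTTPError(403, str(e))

    details = None
    # 500 is the fallback recorded when an exception that is not handled
    # below escapes; a success is recorded only after auth.login returns.
    status = 500
    method = 'POST'
    code = self.getRequestMessage(method, 'login')
    # Bound before the try block so the error path can still log when
    # parse_request() itself raises.
    params = {}

    try:
        params = parse_request()
        validate_params(params, self, 'login')
        username = params['username']
        password = params['password']
    except WokException as e:
        # The original error is replaced by a fixed one, so the client
        # gets the same message whatever validation failed.
        details = e = OperationFailed('WOKAUTH0007E')
        # NOTE(review): params may still hold the submitted password here
        # and in the log_request calls below - confirm log_request does
        # not persist it.
        log_request(code, params, details, method, 400)
        raise cherrypy.HTTPError(400, str(e))

    # get authentication info
    remote_ip = cherrypy.request.remote.ip
    session_id = str(cherrypy.session.originalid)
    # NOTE(review): the throttle key includes the session id, a value tied
    # to the client's session, so the counter is scoped per session rather
    # than per account or address; the three parts are also joined without
    # a separator. Confirm this is the intended scope.
    # NOTE(review): entries are removed only on a later successful login
    # or an expired timeout for the same key; no other cleanup is visible
    # here.
    user_ip_sid = re.escape(username + remote_ip + session_id)

    # check for repeated failures
    count = self.failed_logins.get(user_ip_sid, {'count': 0}).get('count')
    if count >= 3:
        # verify if timeout is still valid
        last_try = self.failed_logins[user_ip_sid]['time']
        if time.time() < (last_try + ((count - 2) * 30)):
            _raise_timeout(user_ip_sid)
        else:
            self.failed_logins.pop(user_ip_sid)

    try:
        user_info = auth.login(username, password)
        status = 200

        # user logged in successfully: reset counters
        if self.failed_logins.get(user_ip_sid) is not None:
            self.failed_logins.pop(user_ip_sid)
    except cherrypy.HTTPError as e:
        now = time.time()
        # store time and prevent too many tries
        if self.failed_logins.get(user_ip_sid) is None:
            self.failed_logins[user_ip_sid] = {
                'time': now,
                'ip': remote_ip,
                'session_id': session_id,
                'username': username,
                'count': 1,
            }
        else:
            # Failures more than 30 seconds apart do not increase the
            # count. The timestamp is refreshed on every failure: if it
            # were refreshed only together with the count, the counter
            # would stop advancing for good once 30 seconds had passed
            # since the stored time.
            if now - self.failed_logins[user_ip_sid]['time'] < 30:
                self.failed_logins[user_ip_sid]['count'] += 1
            self.failed_logins[user_ip_sid]['time'] = now

        # three or more counted failures: raise the timeout error
        if self.failed_logins[user_ip_sid]['count'] >= 3:
            # Set before raising so the entry written in `finally` does
            # not record this rejected attempt with a success status.
            status = 403
            _raise_timeout(user_ip_sid)

        # return the same error message to the frontend for every
        # authentication failure
        details = e = OperationFailed('WOKAUTH0008E')
        status = e.getHttpStatusCode()
        raise cherrypy.HTTPError(401, str(e))
    finally:
        send_wok_notification('', 'login', 'POST')
        log_request(code, params, details, method, status)

    return json.dumps(user_info)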
params = parse_request() username = params['username'] password = params['password'] except KeyError, item: details = e = MissingParameter('WOKAUTH0003E', {'item': str(item)}) log_request(code, params, details, method, 400) raise cherrypy.HTTPError(400, e.message) try: status = 200 user_info = auth.login(username, password) except cherrypy.HTTPError, e: status = e.status raise finally: log_request(code, params, details, method, status) return json.dumps(user_info) @cherrypy.expose def logout(self): method = 'POST' code = self.getRequestMessage(method, 'logout') params = {'username': cherrypy.session.get(auth.USER_NAME, 'N/A')} auth.logout() log_request(code, params, None, method, 200, user=params['username']) return '{}'
self.failed_logins[user_ip_sid]["time"]) < 30: self.failed_logins[user_ip_sid]["time"] = time.time() self.failed_logins[user_ip_sid]["count"] += 1 # more than 3 fails: raise error if self.failed_logins[user_ip_sid]["count"] >= 3: _raise_timeout(user_ip_sid) # return same error message to frontend details = e = OperationFailed("WOKAUTH0008E") status = e.getHttpStatusCode() raise cherrypy.HTTPError(401, e.message) finally: send_wok_notification('', 'login', 'POST') log_request(code, params, details, method, status) return json.dumps(user_info) @cherrypy.expose def logout(self): method = 'POST' code = self.getRequestMessage(method, 'logout') params = {'username': cherrypy.session.get(auth.USER_NAME, 'N/A')} auth.logout() send_wok_notification('', 'logout', 'POST') log_request(code, params, None, method, 200, user=params['username']) return '{}'
if destructive is False or \ ('persistent' in self.info.keys() and self.info['persistent'] is True): result = render_fn(self, action_result) status = cherrypy.response.status return result except WokException, e: details = e status = e.getHttpStatusCode() raise cherrypy.HTTPError(status, e.message) finally: # log request code = self.getRequestMessage(method, action_name) reqParams = utf8_dict(self.log_args, request) log_id = log_request(code, reqParams, details, method, status) if status == 202: save_request_log_id(log_id, action_result['id']) wrapper.__name__ = action_name wrapper.exposed = True return wrapper def lookup(self): try: lookup = getattr(self.model, model_fn(self, 'lookup')) self.info = lookup(*self.model_args) except AttributeError: self.info = {} def delete(self):