def delete_account(self, request, password, otp=None):
if not settings['deletion']:
return json_error('Account deletion disabled!')
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, password, otp)
user.delete()
return json_response(True)
except:
return json_error('Invalid credentials!')
def delete_account(self, request, password, otp=None):
if not settings['deletion']:
return json_error('Account deletion disabled!')
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, password, otp)
user.delete()
return json_response(True)
except:
return json_error('Invalid credentials!')
def assign_yubikey(self, request, yubikey, password, otp=None):
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, password, otp)
prefix = yubikey[:-32]
if not validate_otp(yubikey):
return json_error('Invalid OTP for new YubiKey!')
if not prefix in user.yubikeys:
user.assign_yubikey(prefix)
return json_response(True)
except:
return json_error('Invalid credentials!')
def assign_yubikey(self, request, yubikey, password, otp=None):
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, password, otp)
prefix = yubikey[:-32]
if not validate_otp(yubikey):
return json_error('Invalid OTP for new YubiKey!')
if not prefix in user.yubikeys:
user.assign_yubikey(prefix)
return json_response(True)
except:
return json_error('Invalid credentials!')
def revoke_yubikey(self, request, code):
client = request.environ['yubiauth.client']
try:
client.revoke(code)
return json_response(True)
except:
return json_error('Invalid code!')
def revoke_yubikey(self, request, code):
client = request.environ['yubiauth.client']
try:
client.revoke(code)
return json_response(True)
except:
return json_error('Invalid code!')
def change_password(self, request, oldpass, newpass, otp=None):
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, oldpass, otp)
user.set_password(newpass)
return json_response(True)
except:
return json_error('Invalid credentials!')
def generate_revocation(self, request, password, otp):
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, password, otp)
code = client.generate_revocation(otp[:-32])
return json_response(code)
except:
return json_error('Invalid credentials!')
def rename_user(self, request, username_or_id, username):
user = self._get_user(request, username_or_id)
try:
request.auth.get_user(username)
return json_error('User "%s" already exists!' % username)
except:
user.name = username
return no_content()
def rename_user(self, request, username_or_id, username):
user = self._get_user(request, username_or_id)
try:
request.auth.get_user(username)
return json_error('User "%s" already exists!' % username)
except:
user.name = username
return no_content()
def generate_revocation(self, request, password, otp):
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, password, otp)
code = client.generate_revocation(otp[:-32])
return json_response(code)
except:
return json_error('Invalid credentials!')
def change_password(self, request, oldpass, newpass, otp=None):
client = request.environ['yubiauth.client']
user = request.environ['yubiauth.user']
try:
client.authenticate(user.name, oldpass, otp)
user.set_password(newpass)
return json_response(True)
except:
return json_error('Invalid credentials!')
def login(self, request, username=None, password=None, otp=None):
client = request.environ['yubiauth.client']
try:
session = client.create_session(username, password, otp)
request.environ['beaker.session'].update(session)
session.delete()
return json_response(True)
except:
log.info('Login failed for username=%s', username)
log.debug('Login failure:', exc_info=True)
return json_error('Invalid credentials!')
def login(self, request, username=None, password=None, otp=None):
client = request.environ['yubiauth.client']
try:
session = client.create_session(username, password, otp)
request.environ['beaker.session'].update(session)
session.delete()
return json_response(True)
except:
log.info('Login failed for username=%s', username)
log.debug('Login failure:', exc_info=True)
return json_error('Invalid credentials!')
def create_user(self, request, username, password):
try:
user = request.auth.create_user(username, password)
request.auth.commit()
url = '%s/users/%d' % (request.script_name, user.id)
return json_response({
'id': user.id,
'name': user.name
}, location=url, status=201)
except Exception, e:
return json_error(e.message)
def create_user(self, request, username, password):
try:
user = request.auth.create_user(username, password)
request.auth.commit()
url = '%s/users/%d' % (request.script_name, user.id)
return json_response({
'id': user.id,
'name': user.name
},
location=url,
status=201)
except Exception, e:
return json_error(e.message)
def session_required(self, request, e):
return json_error('Session required!')
def session_required(self, request, e):
return json_error('Session required!')
