def delete_account(self, request, password, otp=None): if not settings['deletion']: return json_error('Account deletion disabled!') client = request.environ['yubiauth.client'] user = request.environ['yubiauth.user'] try: client.authenticate(user.name, password, otp) user.delete() return json_response(True) except: return json_error('Invalid credentials!')
def assign_yubikey(self, request, yubikey, password, otp=None): client = request.environ['yubiauth.client'] user = request.environ['yubiauth.user'] try: client.authenticate(user.name, password, otp) prefix = yubikey[:-32] if not validate_otp(yubikey): return json_error('Invalid OTP for new YubiKey!') if not prefix in user.yubikeys: user.assign_yubikey(prefix) return json_response(True) except: return json_error('Invalid credentials!')
def revoke_yubikey(self, request, code): client = request.environ['yubiauth.client'] try: client.revoke(code) return json_response(True) except: return json_error('Invalid code!')
def change_password(self, request, oldpass, newpass, otp=None): client = request.environ['yubiauth.client'] user = request.environ['yubiauth.user'] try: client.authenticate(user.name, oldpass, otp) user.set_password(newpass) return json_response(True) except: return json_error('Invalid credentials!')
def generate_revocation(self, request, password, otp): client = request.environ['yubiauth.client'] user = request.environ['yubiauth.user'] try: client.authenticate(user.name, password, otp) code = client.generate_revocation(otp[:-32]) return json_response(code) except: return json_error('Invalid credentials!')
def rename_user(self, request, username_or_id, username): user = self._get_user(request, username_or_id) try: request.auth.get_user(username) return json_error('User "%s" already exists!' % username) except: user.name = username return no_content()
def login(self, request, username=None, password=None, otp=None): client = request.environ['yubiauth.client'] try: session = client.create_session(username, password, otp) request.environ['beaker.session'].update(session) session.delete() return json_response(True) except: log.info('Login failed for username=%s', username) log.debug('Login failure:', exc_info=True) return json_error('Invalid credentials!')
def create_user(self, request, username, password): try: user = request.auth.create_user(username, password) request.auth.commit() url = '%s/users/%d' % (request.script_name, user.id) return json_response({ 'id': user.id, 'name': user.name }, location=url, status=201) except Exception, e: return json_error(e.message)
def session_required(self, request, e): return json_error('Session required!')