|
|
@ -16,6 +16,7 @@ from corvus.service import ( |
|
|
|
user_token_service |
|
|
|
) |
|
|
|
from corvus.service.role_service import ROLES, Role |
|
|
|
from corvus.service import transformation_service |
|
|
|
|
|
|
|
|
|
|
|
class Auth(Enum): |
|
|
@ -26,7 +27,8 @@ class Auth(Enum): |
|
|
|
NONE = 'NONE' |
|
|
|
|
|
|
|
|
|
|
|
def authenticate_with_password(name: str, password: str) -> bool: |
|
|
|
def authenticate_with_password( |
|
|
|
name: Optional[str], password: Optional[str]) -> bool: |
|
|
|
""" |
|
|
|
Authenticate a username and a password. |
|
|
|
|
|
|
@ -34,6 +36,8 @@ def authenticate_with_password(name: str, password: str) -> bool: |
|
|
|
:param password: |
|
|
|
:return: |
|
|
|
""" |
|
|
|
if name is None or password is None: |
|
|
|
return False |
|
|
|
user = user_service.find_by_name(name) |
|
|
|
if user is not None \ |
|
|
|
and authentication_service.is_valid_password(user, password): |
|
|
@ -42,7 +46,7 @@ def authenticate_with_password(name: str, password: str) -> bool: |
|
|
|
return False |
|
|
|
|
|
|
|
|
|
|
|
def authenticate_with_token(name: str, token: str) -> bool: |
|
|
|
def authenticate_with_token(name: Optional[str], token: Optional[str]) -> bool: |
|
|
|
""" |
|
|
|
Authenticate a username and a token. |
|
|
|
|
|
|
@ -50,6 +54,8 @@ def authenticate_with_token(name: str, token: str) -> bool: |
|
|
|
:param token: |
|
|
|
:return: |
|
|
|
""" |
|
|
|
if name is None or token is None: |
|
|
|
return False |
|
|
|
user = user_service.find_by_name(name) |
|
|
|
if user is not None: |
|
|
|
user_token = user_token_service.find_by_user_and_token(user, token) |
|
|
@ -87,7 +93,7 @@ def authorization_failed(required_role: str) -> Response: |
|
|
|
|
|
|
|
|
|
|
|
def parse_token_header( |
|
|
|
header_value: str) -> Optional[Authorization]: |
|
|
|
header_value: Optional[str]) -> Optional[Authorization]: |
|
|
|
""" |
|
|
|
Parse the Authorization: Token header for the username and token. |
|
|
|
|
|
|
@ -146,7 +152,7 @@ def require_token_auth(func: Callable) -> Callable: |
|
|
|
:return: |
|
|
|
""" |
|
|
|
token = parse_token_header( |
|
|
|
request.headers.get('X-Auth-Token', None)) |
|
|
|
request.headers.get('X-Auth-Token')) |
|
|
|
if token and authenticate_with_token(token.username, token.password): |
|
|
|
return func(*args, **kwargs) |
|
|
|
return authentication_failed('Token') |
|
|
@ -190,11 +196,12 @@ def require(required_auth: Auth, required_role: Role) -> Callable: |
|
|
|
elif required_auth == Auth.TOKEN: |
|
|
|
decorated = require_token_auth(decorated) |
|
|
|
else: |
|
|
|
Response( |
|
|
|
response=APIMessage( |
|
|
|
return Response( |
|
|
|
response=transformation_service.serialize_model( |
|
|
|
APIMessage( |
|
|
|
message="Unexpected Server Error", |
|
|
|
success=False |
|
|
|
), |
|
|
|
)), |
|
|
|
status=500) |
|
|
|
return decorated(*args, **kwargs) |
|
|
|
return decorate |
|
|
|