Revision d29f0371 snf-astakos-app/astakos/api/tokens.py
b/snf-astakos-app/astakos/api/tokens.py | ||
---|---|---|
38 | 38 |
from snf_django.lib.api import faults, utils, api_method |
39 | 39 |
|
40 | 40 |
from astakos.im.models import Service, AstakosUser |
41 |
from .util import json_response, xml_response, validate_user |
|
41 |
from .util import json_response, xml_response, validate_user,\ |
|
42 |
get_content_length |
|
42 | 43 |
|
43 | 44 |
import logging |
44 | 45 |
logger = logging.getLogger(__name__) |
... | ... | |
48 | 49 |
@api_method(http_method="POST", token_required=False, user_required=False, |
49 | 50 |
logger=logger) |
50 | 51 |
def authenticate(request): |
51 |
req = utils.get_request_dict(request) |
|
52 |
content_length = get_content_length(request) |
|
53 |
public_mode = True if not content_length else False |
|
52 | 54 |
|
53 |
uuid = None |
|
54 |
try: |
|
55 |
token_id = req['auth']['token']['id'] |
|
56 |
except KeyError: |
|
55 |
d = defaultdict(dict) |
|
56 |
if not public_mode: |
|
57 |
req = utils.get_request_dict(request) |
|
58 |
|
|
59 |
uuid = None |
|
57 | 60 |
try: |
58 |
token_id = req['auth']['passwordCredentials']['password'] |
|
59 |
uuid = req['auth']['passwordCredentials']['username'] |
|
61 |
token_id = req['auth']['token']['id'] |
|
60 | 62 |
except KeyError: |
63 |
try: |
|
64 |
token_id = req['auth']['passwordCredentials']['password'] |
|
65 |
uuid = req['auth']['passwordCredentials']['username'] |
|
66 |
except KeyError: |
|
67 |
raise faults.BadRequest('Malformed request') |
|
68 |
|
|
69 |
if token_id is None: |
|
61 | 70 |
raise faults.BadRequest('Malformed request') |
62 | 71 |
|
63 |
if token_id is None: |
|
64 |
raise faults.BadRequest('Malformed request') |
|
72 |
try: |
|
73 |
user = AstakosUser.objects.get(auth_token=token_id) |
|
74 |
except AstakosUser.DoesNotExist: |
|
75 |
raise faults.Unauthorized('Invalid token') |
|
65 | 76 |
|
66 |
try: |
|
67 |
user = AstakosUser.objects.get(auth_token=token_id) |
|
68 |
except AstakosUser.DoesNotExist: |
|
69 |
raise faults.Unauthorized('Invalid token') |
|
77 |
validate_user(user) |
|
70 | 78 |
|
71 |
validate_user(user) |
|
79 |
if uuid is not None: |
|
80 |
if user.uuid != uuid: |
|
81 |
raise faults.Unauthorized('Invalid credentials') |
|
72 | 82 |
|
73 |
if uuid is not None: |
|
74 |
if user.uuid != uuid: |
|
75 |
raise faults.Unauthorized('Invalid credentials') |
|
83 |
d["access"]["token"] = { |
|
84 |
"id": user.auth_token, |
|
85 |
"expires": utils.isoformat(user.auth_token_expires), |
|
86 |
"tenant": {"id": user.uuid, "name": user.realname}} |
|
87 |
d["access"]["user"] = { |
|
88 |
"id": user.uuid, 'name': user.realname, |
|
89 |
"roles": list(user.groups.values("id", "name")), |
|
90 |
"roles_links": []} |
|
76 | 91 |
|
77 |
d = defaultdict(dict) |
|
78 |
d["access"]["token"] = { |
|
79 |
"id": user.auth_token, |
|
80 |
"expires": utils.isoformat(user.auth_token_expires), |
|
81 |
"tenant": {"id": user.uuid, "name": user.realname}} |
|
82 |
d["access"]["user"] = { |
|
83 |
"id": user.uuid, 'name': user.realname, |
|
84 |
"roles": list(user.groups.values("id", "name")), |
|
85 |
"roles_links": []} |
|
86 | 92 |
d["access"]["serviceCatalog"] = [] |
87 | 93 |
append = d["access"]["serviceCatalog"].append |
88 | 94 |
for s in Service.objects.all().order_by("id"): |
Also available in: Unified diff