Revision ee7a2b87 snf-astakos-app/astakos/im/api/user.py
| b/snf-astakos-app/astakos/im/api/user.py | ||
|---|---|---|
| 31 | 31 |
# interpreted as representing official policies, either expressed |
| 32 | 32 |
# or implied, of GRNET S.A. |
| 33 | 33 |
|
| 34 |
import logging |
|
| 35 |
|
|
| 36 | 34 |
from functools import wraps |
| 37 | 35 |
from time import time, mktime |
| 38 | 36 |
|
| ... | ... | |
| 40 | 38 |
from django.utils import simplejson as json |
| 41 | 39 |
from django.views.decorators.csrf import csrf_exempt |
| 42 | 40 |
|
| 41 |
from snf_django.lib import api |
|
| 43 | 42 |
from snf_django.lib.api import faults |
| 44 |
from . import render_fault, __get_uuid_displayname_catalogs, __send_feedback
|
|
| 43 |
from . import __get_uuid_displayname_catalogs, __send_feedback |
|
| 45 | 44 |
|
| 46 | 45 |
from astakos.im.models import AstakosUser |
| 47 | 46 |
from astakos.im.util import epoch |
| ... | ... | |
| 49 | 48 |
from astakos.im.api.callpoint import AstakosCallpoint |
| 50 | 49 |
callpoint = AstakosCallpoint() |
| 51 | 50 |
|
| 51 |
import logging |
|
| 52 | 52 |
logger = logging.getLogger(__name__) |
| 53 | 53 |
format = ('%a, %d %b %Y %H:%M:%S GMT')
|
| 54 | 54 |
|
| 55 | 55 |
|
| 56 |
def api_method(http_method=None, token_required=False, perms=None): |
|
| 57 |
"""Decorator function for views that implement an API method.""" |
|
| 58 |
if not perms: |
|
| 59 |
perms = [] |
|
| 60 |
|
|
| 61 |
def decorator(func): |
|
| 62 |
@wraps(func) |
|
| 63 |
def wrapper(request, *args, **kwargs): |
|
| 64 |
try: |
|
| 65 |
if http_method and request.method != http_method: |
|
| 66 |
raise faults.BadRequest('Method not allowed.')
|
|
| 67 |
x_auth_token = request.META.get('HTTP_X_AUTH_TOKEN')
|
|
| 68 |
if token_required: |
|
| 69 |
if not x_auth_token: |
|
| 70 |
raise faults.Unauthorized('Access denied')
|
|
| 71 |
try: |
|
| 72 |
user = AstakosUser.objects.get(auth_token=x_auth_token) |
|
| 73 |
if not user.has_perms(perms): |
|
| 74 |
raise faults.Forbidden('Unauthorized request')
|
|
| 75 |
except AstakosUser.DoesNotExist, e: |
|
| 76 |
raise faults.Unauthorized('Invalid X-Auth-Token')
|
|
| 77 |
kwargs['user'] = user |
|
| 78 |
response = func(request, *args, **kwargs) |
|
| 79 |
return response |
|
| 80 |
except faults.Fault, fault: |
|
| 81 |
return render_fault(request, fault) |
|
| 82 |
except BaseException, e: |
|
| 83 |
logger.exception('Unexpected error: %s' % e)
|
|
| 84 |
fault = faults.InternalServerError('Unexpected error')
|
|
| 85 |
return render_fault(request, fault) |
|
| 86 |
return wrapper |
|
| 87 |
return decorator |
|
| 88 |
|
|
| 89 |
|
|
| 90 |
@api_method(http_method='GET', token_required=True) |
|
| 56 |
def user_from_token(func): |
|
| 57 |
@wraps(func) |
|
| 58 |
def wrapper(request, *args, **kwargs): |
|
| 59 |
try: |
|
| 60 |
token = request.x_auth_token |
|
| 61 |
except AttributeError: |
|
| 62 |
raise faults.Unauthorized("No authentication token")
|
|
| 63 |
|
|
| 64 |
if not token: |
|
| 65 |
raise faults.Unauthorized("Invalid X-Auth-Token")
|
|
| 66 |
|
|
| 67 |
try: |
|
| 68 |
user = AstakosUser.objects.get(auth_token=token) |
|
| 69 |
except AstakosUser.DoesNotExist: |
|
| 70 |
raise faults.Unauthorized('Invalid X-Auth-Token')
|
|
| 71 |
|
|
| 72 |
return func(request, user, *args, **kwargs) |
|
| 73 |
return wrapper |
|
| 74 |
|
|
| 75 |
|
|
| 76 |
@api.api_method(http_method="GET", token_required=True, user_required=False, |
|
| 77 |
logger=logger) |
|
| 78 |
@user_from_token # Authenticate user!! |
|
| 91 | 79 |
def authenticate(request, user=None): |
| 92 | 80 |
# Normal Response Codes: 200 |
| 93 | 81 |
# Error Response Codes: internalServerError (500) |
| ... | ... | |
| 136 | 124 |
|
| 137 | 125 |
|
| 138 | 126 |
@csrf_exempt |
| 139 |
@api_method(http_method='POST', token_required=True) |
|
| 127 |
@api.api_method(http_method="POST", token_required=True, user_required=False, |
|
| 128 |
logger=logger) |
|
| 129 |
@user_from_token # Authenticate user!! |
|
| 140 | 130 |
def get_uuid_displayname_catalogs(request, user=None): |
| 141 | 131 |
# Normal Response Codes: 200 |
| 142 | 132 |
# Error Response Codes: internalServerError (500) |
| ... | ... | |
| 147 | 137 |
|
| 148 | 138 |
|
| 149 | 139 |
@csrf_exempt |
| 150 |
@api_method(http_method='POST', token_required=True) |
|
| 140 |
@api.api_method(http_method="POST", token_required=True, user_required=False, |
|
| 141 |
logger=logger) |
|
| 142 |
@user_from_token # Authenticate user!! |
|
| 151 | 143 |
def send_feedback(request, email_template_name='im/feedback_mail.txt', |
| 152 | 144 |
user=None): |
| 153 | 145 |
# Normal Response Codes: 200 |
Also available in: Unified diff