flaschengeist/geruecht/controller/accesTokenController.py

130 lines
4.9 KiB
Python
Raw Permalink Normal View History

2019-04-11 21:56:55 +00:00
from geruecht.model.accessToken import AccessToken
import geruecht.controller as gc
import geruecht.controller.mainController as mc
import geruecht.controller.databaseController as dc
2020-01-18 22:31:49 +00:00
from geruecht.model import BAR
from datetime import datetime, timedelta
import secrets
from . import Singleton
from geruecht.logger import getDebugLogger
debug = getDebugLogger()
2019-04-11 21:56:55 +00:00
mainController = mc.MainController()
db = dc.DatabaseController()
2020-01-18 22:31:49 +00:00
class AccesTokenController(metaclass=Singleton):
2019-04-17 12:46:46 +00:00
""" Control all createt AccesToken
2019-05-02 16:50:59 +00:00
2019-04-17 12:46:46 +00:00
This Class create, delete, find and manage AccesToken.
Attributes:
tokenList: List of currents AccessToken
lifetime: Variable for the Lifetime of one AccessToken in seconds.
"""
instance = None
2019-04-11 21:56:55 +00:00
tokenList = None
2019-12-30 08:22:43 +00:00
def __init__(self, lifetime=1800):
2019-04-17 12:46:46 +00:00
""" Initialize AccessTokenController
2019-05-02 16:50:59 +00:00
2019-04-17 12:46:46 +00:00
Initialize Thread and set tokenList empty.
"""
debug.info("init accesstoken controller")
self.lifetime = gc.accConfig
2019-04-11 21:56:55 +00:00
def checkBar(self, user):
debug.info("check if user {{ {} }} is baruser".format(user))
if (mainController.checkBarUser(user)):
2020-03-04 20:38:21 +00:00
if BAR not in user.group:
debug.debug("append bar to user {{ {} }}".format(user))
2020-03-04 20:38:21 +00:00
user.group.append(BAR)
return True
2020-03-04 20:38:21 +00:00
else:
while BAR in user.group:
debug.debug("delete bar from user {{ {} }}".format(user))
2020-03-04 20:38:21 +00:00
user.group.remove(BAR)
return False
debug.debug("user {{ {} }} groups are {{ {} }}".format(user, user.group))
2020-01-18 22:31:49 +00:00
def validateAccessToken(self, token, group):
""" Verify Accestoken
2019-05-02 16:50:59 +00:00
Verify an Accestoken and Group so if the User has permission or not.
Retrieves the accestoken if valid else retrieves False
2019-04-17 12:46:46 +00:00
Args:
token: Token to verify.
group: Group like 'moneymaster', 'gastro', 'user' or 'bar'
2019-04-17 12:46:46 +00:00
Returns:
An the AccesToken for this given Token or False.
2019-04-17 12:46:46 +00:00
"""
debug.info("check token {{ {} }} is valid")
for accToken in db.getAccessTokens():
debug.debug("accesstoken is {}".format(accToken))
2020-03-07 13:56:44 +00:00
endTime = accToken.timestamp + timedelta(seconds=accToken.lifetime)
now = datetime.now()
debug.debug("now is {{ {} }}, endtime is {{ {} }}".format(now, endTime))
2020-03-07 13:56:44 +00:00
if now <= endTime:
debug.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken))
2020-03-07 13:56:44 +00:00
if accToken == token:
if not self.checkBar(accToken.user):
accToken.lock_bar = False
debug.debug("check if accestoken {{ {} }} has group {{ {} }}".format(accToken, group))
if self.isSameGroup(accToken, group):
accToken.updateTimestamp()
db.updateAccessToken(accToken)
debug.debug("found accesstoken {{ {} }} with token: {{ {} }} and group: {{ {} }}".format(accToken, token, group))
return accToken
2020-03-07 13:56:44 +00:00
else:
debug.debug("accesstoken is {{ {} }} out of date".format(accToken))
db.deleteAccessToken(accToken)
debug.debug("no valid accesstoken with token: {{ {} }} and group: {{ {} }}".format(token, group))
return False
2019-04-11 21:56:55 +00:00
def createAccesToken(self, user, user_agent=None):
2019-04-17 12:46:46 +00:00
""" Create an AccessToken
Create an AccessToken for an User and add it to the tokenList.
Args:
user: For wich User is to create an AccessToken
Returns:
A created Token for User
"""
debug.info("creat accesstoken")
now = datetime.ctime(datetime.now())
token = secrets.token_hex(16)
2020-01-18 22:31:49 +00:00
self.checkBar(user)
accToken = db.createAccessToken(user, token, self.lifetime, datetime.now(), lock_bar=False, user_agent=user_agent)
debug.debug("accesstoken is {{ {} }}".format(accToken))
2019-04-11 21:56:55 +00:00
return token
2020-01-18 22:31:49 +00:00
def isSameGroup(self, accToken, groups):
2019-04-17 12:46:46 +00:00
""" Verify group in AccessToken
2019-05-02 16:50:59 +00:00
2019-04-17 12:46:46 +00:00
Verify if the User in the AccesToken has the right group.
Args:
accToken: AccessToken to verify.
2020-01-18 22:31:49 +00:00
groups: Group to verify.
2019-05-02 16:50:59 +00:00
2019-04-17 12:46:46 +00:00
Returns:
A Bool. If the same then True else False
"""
debug.info("check accesstoken {{ {} }} has group {{ {} }}".format(accToken, groups))
2020-01-18 22:31:49 +00:00
for group in groups:
if group in accToken.user.group: return True
return False
def getAccessTokensFromUser(self, user):
return db.getAccessTokensFromUser(user)
def deleteAccessToken(self, accToken):
db.deleteAccessToken(accToken)
def updateAccessToken(self, accToken):
accToken.updateTimestamp()
return db.updateAccessToken(accToken)