Fixed typos

This commit is contained in:
Ferdinand Thiessen 2020-09-02 01:32:55 +02:00
parent e4b4db3405
commit b4505de253
6 changed files with 76 additions and 68 deletions

View File

@ -1,7 +1,7 @@
#############################################
# Plugin: Auth #
# Functionality: Allow management of #
# authentification, login, logout, etc #
# authentication, login, logout, etc #
#############################################
from flask import Blueprint, current_app, request, jsonify
@ -24,7 +24,7 @@ def register():
return auth_bp
############################################
## Routes ##
# Routes #
############################################
@ -68,10 +68,10 @@ def _login():
def _logout(**kwargs):
try:
logger.debug("logout user")
accToken = kwargs['accToken']
logger.debug("accesstoken is {{ {} }}".format(accToken))
logger.debug("delete accesstoken")
access_controller.deleteAccessToken(accToken)
token = kwargs['accToken']
logger.debug("access token is {{ {} }}".format(token))
logger.debug("delete access token")
access_controller.deleteAccessToken(token)
access_controller.clearExpired()
logger.info("return ok logout user")
return jsonify({"ok": "ok"})
@ -81,7 +81,7 @@ def _logout(**kwargs):
@auth_bp.route("/user/getAccessTokens", methods=['GET', 'POST'])
#@auth_bp.route("/accessTokens", methods=['GET', 'POST'])
# @auth_bp.route("/accessTokens", methods=['GET', 'POST'])
@login_required()
def _getAccessTokens(**kwargs):
try:
@ -102,12 +102,12 @@ def _getAccessTokens(**kwargs):
@login_required()
def _getLifeTime(**kwargs):
try:
logger.debug("get lifetime of accesstoken")
accToken = kwargs['accToken']
logger.debug("accessToken is {{ {} }}".format(accToken))
return jsonify({"value": accToken.lifetime})
logger.debug("get lifetime of access token")
token = kwargs['accToken']
logger.debug("accessToken is {{ {} }}".format(token))
return jsonify({"value": token.lifetime})
except Exception as err:
logger.warning("exception in get lifetime of accesstoken.", exc_info=True)
logger.warning("exception in get lifetime of access token.", exc_info=True)
return jsonify({"error": str(err)}), 500
@ -125,7 +125,7 @@ def _saveLifeTime(**kwargs):
token.lifetime = lifetime
logger.info("update access token timestamp")
token = access_controller.update(token)
return jsonify({"value": token.lifetime })
return jsonify({"value": token.lifetime})
except Exception as err:
logger.warning(
"exception in save lifetime for access token.", exc_info=True)

View File

@ -10,9 +10,9 @@ logger = logging.getLogger("flaschenpost")
class AccessTokenController(metaclass=Singleton):
""" Control all createt AccesToken
""" Control all created AccessToken
This Class create, delete, find and manage AccesToken.
This Class create, delete, find and manage AccessToken.
Attributes:
lifetime: Variable for the Lifetime of one AccessToken in seconds.
@ -25,10 +25,10 @@ class AccessTokenController(metaclass=Singleton):
Initialize Thread and set tokenList empty.
"""
logger.debug("init accesstoken controller")
logger.debug("init access token controller")
self.lifetime = lifetime
def validate(self, token, roles):
def validate_token(self, token, roles):
""" Verify access token
Verify an AccessToken and Group so if the User has permission or not.
@ -41,19 +41,19 @@ class AccessTokenController(metaclass=Singleton):
An the AccessToken for this given Token or False.
"""
logger.debug("check token {{ {} }} is valid".format(token))
for accToken in AccessToken.query.filter_by(token=token):
time_end = accToken.timestamp + timedelta(seconds=accToken.lifetime)
for access_token in AccessToken.query.filter_by(token=token):
time_end = access_token.timestamp + timedelta(seconds=access_token.lifetime)
now = datetime.utcnow()
logger.debug("now is {{ {} }}, endtime is {{ {} }}".format(now, time_end))
if now <= time_end:
logger.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken))
if not roles or (roles and self.userHasRole(accToken.user, roles)):
accToken.updateTimestamp()
logger.debug("check if token {{ {} }} is same as {{ {} }}".format(token, access_token))
if not roles or (roles and self.userHasRole(access_token.user, roles)):
access_token.updateTimestamp()
db.session.commit()
return accToken
return access_token
else:
logger.debug("access token is {{ {} }} out of date".format(accToken))
db.session.delete(accToken)
logger.debug("access token is {{ {} }} out of date".format(access_token))
db.session.delete(access_token)
db.session.commit()
logger.debug("no valid access token with token: {{ {} }} and group: {{ {} }}".format(token, roles))
return False
@ -79,7 +79,8 @@ class AccessTokenController(metaclass=Singleton):
"""
logger.debug("create access token")
token_str = secrets.token_hex(16)
token = AccessToken(token=token_str, user=user, lifetime=self.lifetime, browser=user_agent.browser, platform=user_agent.platform)
token = AccessToken(token=token_str, user=user, lifetime=self.lifetime,
browser=user_agent.browser, platform=user_agent.platform)
db.session.add(token)
db.session.commit()
@ -89,22 +90,23 @@ class AccessTokenController(metaclass=Singleton):
def getAccessTokensFromUser(self, user):
return AccessToken.query.filter(AccessToken.user == user)
def deleteAccessToken(self, accessToken):
if accessToken is isinstance(accessToken, AccessToken):
db.session.delete(accessToken)
@staticmethod
def delete_token(token):
if token is isinstance(token, AccessToken):
db.session.delete(token)
else:
AccessToken.query.filter_by(token=accessToken).delete()
AccessToken.query.filter_by(token=token).delete()
db.session.commit()
@staticmethod
def update_token(self, token):
token.updateTimestamp()
def update_token(token):
token.update_timestamp()
db.session.commit()
def clear_expired(self):
logger.debug("Clear expired AccessToken")
mightExpired = datetime.utcnow() - timedelta(seconds=self.lifetime)
tokens = AccessToken.query.filter(AccessToken.timestamp < mightExpired)
might_expired = datetime.utcnow() - timedelta(seconds=self.lifetime)
tokens = AccessToken.query.filter(AccessToken.timestamp < might_expired)
logger.debug(tokens)
for token in tokens:
if token.timestamp < datetime.utcnow() - timedelta(seconds=token.lifetime):

View File

@ -15,7 +15,7 @@ def login_required(**kwargs):
def wrapper(*args, **kwargs):
token = request.headers.get('Token')
logger.debug("token is {{ {} }}".format(token))
access_token = ac_controller.validate(token, roles)
access_token = ac_controller.validate_token(token, roles)
logger.debug("accToken is {{ {} }}".format(access_token))
kwargs['accToken'] = access_token
if access_token:

View File

@ -25,12 +25,12 @@ class AccessToken(db.Model):
browser = db.Column(db.String(30))
platform = db.Column(db.String(30))
def updateTimestamp(self):
def update_timestamp(self):
""" Update the Timestamp
Update the Timestamp to the current Time.
"""
logger.debug("update timestamp from accesstoken {{ {} }}".format(self))
logger.debug("update timestamp from access token {{ {} }}".format(self))
self.timestamp = datetime.utcnow()
def toJSON(self):
@ -61,7 +61,9 @@ class AccessToken(db.Model):
return other - self.timestamp
def __str__(self):
return "AccessToken(user={}, token={}, timestamp={}, lifetime={}".format(self.user, self.token, self.timestamp, self.lifetime)
return "AccessToken(user={}, token={}, timestamp={}, lifetime={}".format(
self.user, self.token, self.timestamp, self.lifetime)
def __repr__(self):
return "AccessToken(user={}, token={}, timestamp={}, lifetime={}".format(self.user, self.token, self.timestamp, self.lifetime)
return "AccessToken(user={}, token={}, timestamp={}, lifetime={}".format(
self.user, self.token, self.timestamp, self.lifetime)

View File

@ -2,23 +2,24 @@ from ..database import db
from sqlalchemy.orm.collections import attribute_mapped_collection
from flask import current_app
from werkzeug.local import LocalProxy
logger = LocalProxy(lambda: current_app.logger)
association_table = db.Table('user_group',
db.Column('user_id', db.Integer, db.ForeignKey('user.id')),
db.Column('group_id', db.Integer, db.ForeignKey('group.id'))
)
)
class User(db.Model):
""" Database Object for User
Table for all safed User
Table for all saved User
Attributes:
id: Id in Database as Primary Key.
uid: User ID used by authentication provider
displayname: Name to show
display_name: Name to show
firstname: Firstname of the User
lastname: Lastname of the User
mail: mail address of the User
@ -26,27 +27,28 @@ class User(db.Model):
__tablename__ = 'user'
id = db.Column(db.Integer, primary_key=True)
uid = db.Column(db.String(30))
displayname = db.Column(db.String(30))
display_name = db.Column(db.String(30))
firstname = db.Column(db.String(30))
lastname = db.Column(db.String(30))
mail = db.Column(db.String(30))
groups = db.relationship("Group", secondary=association_table)
sessions = db.relationship("AccessToken", back_populates="user")
attributes = db.relationship("UserAttribute", collection_class=attribute_mapped_collection('name'), cascade="all, delete")
attributes = db.relationship("UserAttribute", collection_class=attribute_mapped_collection('name'),
cascade="all, delete")
def setAttribute(self, name, value):
def set_attribute(self, name, value):
if name in self.attributes:
self.attributes[name].value = value
else:
self.attributes[name] = UserAttribute(name=name, value=value)
def addGroup(self, name):
def add_group(self, name):
r = Group.query.filter_by(name=name).first()
if not r:
r = Group(name=name)
self.groups.append(r)
def updateData(self, data):
def update_data(self, data):
logger.debug("update data of user")
if 'uid' in data:
self.uid = data['uid']
@ -56,14 +58,14 @@ class User(db.Model):
self.lastname = data['lastname']
if 'mail' in data:
self.mail = data['mail']
if 'displayname' in data:
self.displayname = data['displayname']
if 'display_name' in data:
self.display_name = data['display_name']
def toJSON(self):
return {
# TODO: username should be UID?
"username": self.uid,
"displayname": self.displayname,
"display_name": self.display_name,
"firstname": self.firstname,
"lastname": self.lastname,
"mail": self.mail,
@ -78,10 +80,11 @@ class UserAttribute(db.Model):
name = db.Column(db.String(30))
value = db.Column(db.String(192))
group_permission_association_table = db.Table('group_permission',
db.Column('group_id', db.Integer, db.ForeignKey('group.id')),
db.Column('permission_id', db.Integer, db.ForeignKey('permission.id'))
)
)
class Group(db.Model):

View File

@ -10,7 +10,8 @@ setup(
packages=find_packages(),
package_data={'': ['*.yml']},
scripts=['run_flaschengeist'],
install_requires=['Flask >= 1.1', 'PyYAML>=5.3.1', 'sqlalchemy>=1.3', "flask_sqlalchemy", "flask_cors"],
install_requires=['Flask >= 1.1', 'PyYAML>=5.3.1', 'sqlalchemy>=1.3', "flask_sqlalchemy",
"flask_cors", "werkzeug"],
extras_require={
'ldap': [
'flask_ldapconn',