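from datetime import datetime, timedelta
import hashlib
import secrets

from geruecht.model.accessToken import AccessToken
import geruecht.controller as gc
import geruecht.controller.mainController as mc
import geruecht.controller.databaseController as dc
from geruecht.model import BAR
from . import Singleton
from geruecht.logger import getDebugLogger

debug = getDebugLogger()

mainController = mc.MainController()
db = dc.DatabaseController()


class AccesTokenController(metaclass=Singleton):
    """Create, validate, update and delete access tokens.

    Tokens are persisted through the module-level database controller ``db``.

    Attributes:
        tokenList: Class-level placeholder; never assigned in this class.
        lifetime: Value taken from ``gc.accConfig`` and passed to the
            database as the lifetime of every newly created token.
    """

    # Class-level placeholders; nothing in this class reads or writes them.
    instance = None
    tokenList = None

    def __init__(self, lifetime=1800):
        """Initialize the controller.

        Args:
            lifetime: Accepted for interface compatibility but not used.
        """
        debug.info("init accesstoken controller")
        # NOTE(review): the ``lifetime`` argument is ignored and the value
        # comes from gc.accConfig -- confirm that this is a number of seconds,
        # because validateAccessToken() feeds the stored lifetime to
        # timedelta(seconds=...).
        self.lifetime = gc.accConfig

    def checkBar(self, user):
        """Synchronise the BAR group of ``user`` with the main controller.

        BAR is appended to ``user.group`` when the main controller reports the
        user as bar user, and every occurrence of BAR is removed otherwise.

        Args:
            user: User object whose ``group`` list is updated in place.

        Returns:
            True if the main controller reports the user as bar user,
            otherwise False.
        """
        debug.info("check if user {{ {} }} is baruser".format(user))
        if mainController.checkBarUser(user):
            if BAR not in user.group:
                debug.debug("append bar to user {{ {} }}".format(user))
                user.group.append(BAR)
            is_bar = True
        else:
            # A loop, not a single remove(): BAR may be present more than once.
            while BAR in user.group:
                debug.debug("delete bar from user {{ {} }}".format(user))
                user.group.remove(BAR)
            is_bar = False
        # Emit the resulting group list on every path before returning.
        debug.debug("user {{ {} }} groups are {{ {} }}".format(user, user.group))
        return is_bar

    def validateAccessToken(self, token, group):
        """Check a presented token and the group membership of its user.

        Every stored token is inspected. Tokens whose lifetime has elapsed are
        deleted from the database. For the unexpired token that matches
        ``token``, the BAR group of its user is refreshed, and if the user is
        in one of the requested groups the token's timestamp is renewed.

        Args:
            token: Token value presented by the client.
            group: Iterable of group names, any one of which grants access
                (it is handed to isSameGroup()).

        Returns:
            The matching AccessToken, or False if no unexpired token matches
            or the user is in none of the requested groups.
        """
        # The placeholder below is never filled, so the info log does not
        # contain the token value.
        debug.info("check token {{ {} }} is valid")
        # NOTE(review): the debug messages below include the presented token
        # and the stored token object. Treat debug log output as credential
        # material, or drop these fields from the messages.
        for accToken in db.getAccessTokens():
            debug.debug("accesstoken is {}".format(accToken))
            endTime = accToken.timestamp + timedelta(seconds=accToken.lifetime)
            now = datetime.now()
            debug.debug("now is {{ {} }}, endtime is {{ {} }}".format(now, endTime))
            if now > endTime:
                # Expired tokens are purged while scanning.
                debug.debug("accesstoken is {{ {} }} out of date".format(accToken))
                db.deleteAccessToken(accToken)
                continue

            debug.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken))
            # NOTE(review): this relies on AccessToken.__eq__ accepting the raw
            # token value; whether that comparison is constant-time cannot be
            # seen from here -- confirm in the model.
            if accToken == token:
                if not self.checkBar(accToken.user):
                    accToken.lock_bar = False
                debug.debug("check if accestoken {{ {} }} has group {{ {} }}".format(accToken, group))
                if self.isSameGroup(accToken, group):
                    # Sliding expiry: each successful validation renews the token.
                    accToken.updateTimestamp()
                    db.updateAccessToken(accToken)
                    debug.debug("found accesstoken {{ {} }} with token: {{ {} }} and group: {{ {} }}".format(accToken, token, group))
                    return accToken
        debug.debug("no valid accesstoken with token: {{ {} }} and group: {{ {} }}".format(token, group))
        return False

    def createAccesToken(self, user, user_agent=None):
        """Create and persist a new access token for ``user``.

        Args:
            user: User the token is issued to.
            user_agent: Optional user-agent string stored with the token.

        Returns:
            The new token value as a 32-character hexadecimal string.
        """
        debug.info("creat accesstoken")
        # The token is a bearer credential and must be unguessable. A digest
        # of the current time and the user's DN can be recomputed by anyone
        # who knows the DN and roughly when the login happened, so draw
        # 16 bytes from the OS CSPRNG instead. token_hex(16) yields 32 hex
        # characters, the same shape as the MD5 hex digest used before.
        token = secrets.token_hex(16)
        self.checkBar(user)
        accToken = db.createAccessToken(user, token, self.lifetime, datetime.now(), lock_bar=False, user_agent=user_agent)
        debug.debug("accesstoken is {{ {} }}".format(accToken))
        return token

    def isSameGroup(self, accToken, groups):
        """Report whether the token's user is in any of ``groups``.

        Args:
            accToken: AccessToken whose ``user.group`` list is checked.
            groups: Iterable of group names.
                NOTE(review): a plain string would be iterated character by
                character -- callers presumably pass a list; confirm.

        Returns:
            True if at least one entry of ``groups`` is in the user's groups,
            otherwise False.
        """
        debug.info("check accesstoken {{ {} }} has group {{ {} }}".format(accToken, groups))
        return any(group in accToken.user.group for group in groups)

    def getAccessTokensFromUser(self, user):
        """Return what the database controller reports as tokens of ``user``."""
        return db.getAccessTokensFromUser(user)

    def deleteAccessToken(self, accToken):
        """Delete ``accToken`` through the database controller."""
        db.deleteAccessToken(accToken)

    def updateAccessToken(self, accToken):
        """Renew the timestamp of ``accToken`` and persist it.

        Returns:
            Whatever ``db.updateAccessToken`` returns.
        """
        accToken.updateTimestamp()
        return db.updateAccessToken(accToken)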