flaschengeist/geruecht/controller/accesTokenController.py

from geruecht.model.accessToken import AccessToken
from geruecht.controller import LOGGER
from datetime import datetime, timedelta
import hashlib
from . import Singleton

class AccesTokenController(metaclass=Singleton):
    """ Control all createt AccesToken

        This Class create, delete, find and manage AccesToken.

        Attributes:
            tokenList: List of currents AccessToken
            lifetime: Variable for the Lifetime of one AccessToken in seconds.
    """
    instance = None
    tokenList = None
    lifetime = 1800

    def __init__(self, arg):
        """ Initialize AccessTokenController

            Initialize Thread and set tokenList empty.
        """
        LOGGER.info("Initialize AccessTokenController")

        self.tokenList = []

    def validateAccessToken(self, token, group):
        """ Verify Accestoken

            Verify an Accestoken and Group so if the User has permission or not.
            Retrieves the accestoken if valid else retrieves False

            Args:
                token: Token to verify.
                group: Group like 'moneymaster', 'gastro', 'user' or 'bar'
            Returns:
                An the AccesToken for this given Token or False.
        """
        LOGGER.info("Verify AccessToken with token: {} and group: {}".format(token, group))
        for accToken in self.tokenList:
            LOGGER.debug("Check is token {} same as in AccessToken {}".format(token, accToken))
            if accToken == token:
                LOGGER.debug("AccessToken is {}".format(accToken))
                endTime = accToken.timestamp + timedelta(seconds=self.lifetime)
                now = datetime.now()
                LOGGER.debug("Check if AccessToken's Endtime {} is bigger then now {}".format(endTime, now))
                if now <= endTime:
                    LOGGER.debug("Check if AccesToken {} has same group {}".format(accToken, group))
                    if self.isSameGroup(accToken, group):
                        accToken.updateTimestamp()
                        LOGGER.info("Found AccessToken {} with token: {} and group: {}".format(accToken, token, group))
                        return accToken
                else:
                    LOGGER.debug("AccessToken {} is no longer valid and will removed".format(accToken))
                    self.tokenList.remove(accToken)
        LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(token, group))
        return False

    def createAccesToken(self, user):
        """ Create an AccessToken

            Create an AccessToken for an User and add it to the tokenList.

            Args:
                user: For wich User is to create an AccessToken

            Returns:
                A created Token for User
        """
        LOGGER.info("Create AccessToken")
        now = datetime.ctime(datetime.now())
        token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
        accToken = AccessToken(user, token, datetime.now())
        LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
        self.tokenList.append(accToken)
        LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, token))
        return token

    def isSameGroup(self, accToken, group):
        """ Verify group in AccessToken

            Verify if the User in the AccesToken has the right group.

            Args:
                accToken: AccessToken to verify.
                group: Group to verify.

            Returns:
                A Bool. If the same then True else False
        """
        print("controll if", accToken, "hase group", group)
        LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, group))
        return True if group in accToken.user.group else False