flaschengeist/geruecht/controller/accesTokenController.py


import hashlib
import secrets
from datetime import datetime, timedelta

from geruecht.model.accessToken import AccessToken
#import geruecht.controller.userController as userController
from geruecht.model import BAR
from geruecht.controller import LOGGER

from . import Singleton
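class AccesTokenController(metaclass=Singleton):
    """Create, validate and expire the access tokens held in memory.

    Attributes:
        tokenList: List of the AccessToken objects currently issued.
        lifetime: Lifetime of one AccessToken in seconds, counted from the
            token's timestamp.

    NOTE(review): AccessToken is defined outside this file. If its string
    form embeds the raw token, every log line below that formats an
    AccessToken still writes the credential to the log -- confirm.
    """

    instance = None
    tokenList = None

    def __init__(self, lifetime=1800):
        """Store the token lifetime and start with an empty token list.

        Args:
            lifetime: Seconds a token stays valid after its timestamp.
        """
        LOGGER.info("Initialize AccessTokenController")
        self.lifetime = lifetime
        self.tokenList = []

    # NOTE(review): checkBar exists only as the commented-out code below, yet
    # validateAccessToken and createAccesToken still call self.checkBar().
    # Unless the method is provided somewhere outside this file, those calls
    # raise AttributeError. Restore it or drop the calls deliberately; the
    # helper is what removes the BAR group from a user who lost it.
    #def checkBar(self, user):
    #    if (userController.checkBarUser(user)):
    #        user.group.append(BAR)
    #    elif BAR in user.group:
    #        user.group.remove(BAR)

    @staticmethod
    def _redactToken(token):
        """Return a short, non-reversible label for a token, for log output.

        Args:
            token: The raw token value (any object; it is stringified).

        Returns:
            The string "sha256:" followed by the first 8 hex digits of the
            SHA-256 digest of the token.
        """
        digest = hashlib.sha256(str(token).encode('utf-8')).hexdigest()
        return "sha256:" + digest[:8]

    def validateAccessToken(self, token, group):
        """Check a presented token and the group membership of its user.

        A matching token whose lifetime has run out is removed from
        tokenList. A matching, unexpired token whose user is in one of the
        requested groups gets its timestamp refreshed and is returned.

        Args:
            token: Token value presented by the caller.
            group: Group or groups to check, e.g. 'moneymaster', 'gastro',
                'user' or 'bar'; passed on to isSameGroup.

        Returns:
            The matching AccessToken, or False when no valid one is found.
        """
        # The raw token is a bearer credential, so only a digest prefix is
        # written to the log.
        shown = self._redactToken(token)
        LOGGER.info("Verify AccessToken with token: {} and group: {}".format(shown, group))
        # Iterate over a snapshot: expired entries are removed inside the
        # loop, and removing from the list being iterated skips its successor.
        for accToken in list(self.tokenList):
            LOGGER.debug("Check is token {} same as in AccessToken {}".format(shown, accToken))
            # NOTE(review): this relies on AccessToken.__eq__, which is not
            # visible here; if it is a plain string comparison it is not
            # constant-time -- confirm.
            if accToken == token:
                LOGGER.debug("AccessToken is {}".format(accToken))
                endTime = accToken.timestamp + timedelta(seconds=self.lifetime)
                now = datetime.now()
                LOGGER.debug("Check if AccessToken's Endtime {} is bigger then now {}".format(endTime, now))
                if now <= endTime:
                    self.checkBar(accToken.user)
                    LOGGER.debug("Check if AccesToken {} has same group {}".format(accToken, group))
                    if self.isSameGroup(accToken, group):
                        # Each successful validation updates the timestamp the
                        # expiry above is computed from.
                        accToken.updateTimestamp()
                        LOGGER.info("Found AccessToken {} with token: {} and group: {}".format(accToken, shown, group))
                        return accToken
                else:
                    LOGGER.debug("AccessToken {} is no longer valid and will removed".format(accToken))
                    self.tokenList.remove(accToken)
        LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(shown, group))
        return False

    def createAccesToken(self, user):
        """Issue a new AccessToken for a user and add it to tokenList.

        Args:
            user: User the token is issued for.

        Returns:
            The token value, a string of 32 hex characters.
        """
        LOGGER.info("Create AccessToken")
        # The token is the only secret a caller has to present. It was
        # previously md5(ctime + user.dn): a one-second-resolution time string
        # plus a directory name, both guessable. Draw 128 bits from the OS
        # CSPRNG instead; the 32-hex-character format is unchanged.
        token = secrets.token_hex(16)
        self.checkBar(user)
        accToken = AccessToken(user, token, datetime.now())
        LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
        self.tokenList.append(accToken)
        LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, self._redactToken(token)))
        return token

    def isSameGroup(self, accToken, groups):
        """Tell whether the token's user belongs to any of the given groups.

        Args:
            accToken: AccessToken whose user is checked.
            groups: Iterable of group names, or a single group name.

        Returns:
            True if at least one name is in accToken.user.group, else False.
        """
        LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, groups))
        # A bare string would otherwise be iterated character by character,
        # so 'bar' would be tested as 'b', 'a', 'r' instead of as one group.
        if isinstance(groups, str):
            groups = [groups]
        userGroups = accToken.user.group
        return any(group in userGroups for group in groups)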