from ..models.accessToken import AccessToken
from flaschengeist.system.database import db
from datetime import datetime, timedelta
import secrets
from . import Singleton
from flask import Blueprint, request, jsonify
import logging
# Module-level logger on the "flaschenpost" channel; every debug message in
# this module is emitted through it.
logger = logging.getLogger("flaschenpost")
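class AccesTokenController(metaclass=Singleton):
    """Create, validate, refresh and delete AccessToken rows.

    Tokens are persisted through ``db.session``; the code in this class does
    not keep an in-memory list of them.

    Attributes:
        instance: Class-level placeholder, never assigned in this class.
        tokenList: Class-level placeholder, never populated in this class.
        lifetime: Lifetime in seconds given to every newly created AccessToken.
    """

    instance = None
    tokenList = None

    def __init__(self, lifetime=1800):
        """Store the lifetime applied to newly created tokens.

        Args:
            lifetime: Lifetime in seconds for new tokens (default 1800).
        """
        logger.debug("init accesstoken controller")
        self.lifetime = lifetime

    def validateAccessToken(self, token, group):
        """Return the unexpired AccessToken matching ``token``, or False.

        Expired rows found for ``token`` are deleted. A match has its
        timestamp refreshed via ``updateTimestamp()`` before it is returned,
        so the expiry window presumably slides with use; no absolute cap on
        a token's total age is visible here.

        NOTE(review): ``group`` is only logged. The group check that used to
        sit in this method is disabled, so a successful result proves the
        token is known and unexpired, not that its user belongs to ``group``.
        Callers that need authorization must check the group themselves
        (see ``isSameGroup``).

        Args:
            token: Token string presented by the client.
            group: Group like 'moneymaster', 'gastro', 'user' or 'bar'.
                Not enforced by this method.

        Returns:
            The matching AccessToken, or False if none is valid.
        """
        # The bearer token is a credential: keep its value out of the logs.
        logger.debug("check whether presented token is valid")
        now = datetime.utcnow()
        for accToken in AccessToken.query.filter_by(token=token):
            endTime = accToken.timestamp + timedelta(seconds=accToken.lifetime)
            logger.debug("now is { %s }, endtime is { %s }", now, endTime)
            if now > endTime:
                # NOTE(review): this logs the model's string form; confirm in
                # the AccessToken model that it does not include the token.
                logger.debug("accesstoken is { %s } out of date", accToken)
                db.session.delete(accToken)
                db.session.commit()
                continue
            # Equality between an AccessToken and a token string is whatever
            # the model defines; the model is not part of this module.
            if accToken == token:
                accToken.updateTimestamp()
                db.session.commit()
                return accToken
        logger.debug(
            "no valid accesstoken for presented token and group: { %s }", group
        )
        return False

    def createAccesToken(self, user, user_agent=None):
        """Create and persist an AccessToken for ``user``.

        Args:
            user: User the token is issued to.
            user_agent: Optional object exposing ``browser`` and ``platform``
                attributes. When omitted, both fields are stored as None.

        Returns:
            The new token string (32 hex characters from ``secrets``).
        """
        logger.debug("creat accesstoken")
        token = secrets.token_hex(16)
        # user_agent defaults to None, so read its attributes defensively
        # instead of failing with AttributeError.
        # NOTE(review): assumes the model accepts None for browser/platform.
        accToken = AccessToken(
            token=token,
            user=user,
            lifetime=self.lifetime,
            browser=getattr(user_agent, "browser", None),
            platform=getattr(user_agent, "platform", None),
        )
        # NOTE(review): the token is stored as issued; storing only a hash
        # would limit the impact of a database read, but needs model changes.
        db.session.add(accToken)
        db.session.commit()

        logger.debug("accesstoken is { %s }", accToken)
        return token

    def isSameGroup(self, accToken, groups):
        """Tell whether the token's user belongs to any of ``groups``.

        Args:
            accToken: AccessToken whose ``user.group`` is inspected.
            groups: Iterable of group names; one match is enough.

        Returns:
            True if at least one entry of ``groups`` is in
            ``accToken.user.group``, else False.
        """
        # The original called the undefined name ``debug``, which raised
        # NameError before any group was compared.
        logger.debug("check accesstoken { %s } has group { %s }", accToken, groups)
        return any(group in accToken.user.group for group in groups)

    def getAccessTokensFromUser(self, user):
        """Return the access tokens of ``user`` as reported by ``db``.

        NOTE(review): the other methods use ``db`` through ``db.session``;
        confirm that ``db`` still provides ``getAccessTokensFromUser``.
        """
        return db.getAccessTokensFromUser(user)

    def deleteAccessToken(self, accToken):
        """Delete ``accToken`` from the database and commit."""
        db.session.delete(accToken)
        db.session.commit()

    def updateAccessToken(self, accToken):
        """Refresh the timestamp of ``accToken`` and hand it to ``db``.

        NOTE(review): confirm that ``db`` still provides
        ``updateAccessToken``; the other methods commit via ``db.session``.
        """
        accToken.updateTimestamp()
        return db.updateAccessToken(accToken)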