monkey/monkey_island/cc/auth.py

from functools import wraps

from flask import current_app, abort
from flask_jwt import JWT, _jwt_required, JWTError
from werkzeug.security import safe_str_cmp

from cc.environment.environment import env

__author__ = 'itay.mizeretz'


class User(object):
    def __init__(self, id, username, secret):
        self.id = id
        self.username = username
        self.secret = secret

    def __str__(self):
        return "User(id='%s')" % self.id


def init_jwt(app):
    users = env.get_auth_users()
    username_table = {u.username: u for u in users}
    userid_table = {u.id: u for u in users}

    def authenticate(username, secret):
        user = username_table.get(username, None)
        if user and safe_str_cmp(user.secret.encode('utf-8'), secret.encode('utf-8')):
            return user

    def identity(payload):
        user_id = payload['identity']
        return userid_table.get(user_id, None)

    if env.is_auth_enabled():
        JWT(app, authenticate, identity)


def jwt_required(realm=None):
    def wrapper(fn):
        @wraps(fn)
        def decorator(*args, **kwargs):
            if env.is_auth_enabled():
                try:
                    _jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])
                except JWTError:
                    abort(401)
            return fn(*args, **kwargs)

        return decorator

    return wrapper
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00			`from functools import wraps`

return 401 on invalid token 2018-02-22 21:43:51 +08:00			`from flask import current_app, abort`
			`from flask_jwt import JWT, _jwt_required, JWTError`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00			`from werkzeug.security import safe_str_cmp`

Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`from cc.environment.environment import env`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00
			`__author__ = 'itay.mizeretz'`


			`class User(object):`
Fix CR 2018-02-26 00:23:52 +08:00			`def __init__(self, id, username, secret):`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00			`self.id = id`
			`self.username = username`
Fix CR 2018-02-26 00:23:52 +08:00			`self.secret = secret`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00
			`def __str__(self):`
			`return "User(id='%s')" % self.id`


Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`def init_jwt(app):`
			`users = env.get_auth_users()`
			`username_table = {u.username: u for u in users}`
			`userid_table = {u.id: u for u in users}`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00
Fix CR 2018-02-26 00:23:52 +08:00			`def authenticate(username, secret):`
Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`user = username_table.get(username, None)`
Fix CR 2018-02-26 00:23:52 +08:00			`if user and safe_str_cmp(user.secret.encode('utf-8'), secret.encode('utf-8')):`
Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`return user`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00
Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`def identity(payload):`
			`user_id = payload['identity']`
			`return userid_table.get(user_id, None)`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00
Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`if env.is_auth_enabled():`
Add JWT authentication to backend 2018-02-22 16:33:37 +08:00			`JWT(app, authenticate, identity)`


			`def jwt_required(realm=None):`
return 401 on invalid token 2018-02-22 21:43:51 +08:00			`def wrapper(fn):`
			`@wraps(fn)`
			`def decorator(args, *kwargs):`
Add server config file and use in frontend+backend 2018-02-23 02:33:40 +08:00			`if env.is_auth_enabled():`
return 401 on invalid token 2018-02-22 21:43:51 +08:00			`try:`
			`_jwt_required(realm or current_app.config['JWT_DEFAULT_REALM'])`
			`except JWTError:`
			`abort(401)`
			`return fn(args, *kwargs)`

			`return decorator`

			`return wrapper`