realms-wiki/realms/modules/auth/models.py

from flask import current_app
from flask.ext.login import UserMixin, logout_user, AnonymousUserMixin
from realms import login_manager
from realms.lib.util import gravatar_url
from itsdangerous import URLSafeSerializer, BadSignature
from hashlib import sha256
import bcrypt
import importlib


@login_manager.user_loader
def load_user(auth_id):
    return Auth.load_user(auth_id)

auth_users = {}


class Auth(object):

    @staticmethod
    def get_auth_user(auth_type):
        mod = importlib.import_module('realms.modules.auth.%s.models' % auth_type)
        return mod.User

    @staticmethod
    def load_user(auth_id):
        auth_type, user_id = auth_id.split("/")
        return Auth.get_auth_user(auth_type).load_user(user_id)

    @staticmethod
    def login_forms():
        forms = []
        # TODO be dynamic
        for t in ['local', 'ldap']:
            forms.append(Auth.get_auth_user(t).login_form())
        return forms


class AnonUser(AnonymousUserMixin):
    username = 'Anon'
    email = ''
    admin = False


class BaseUser(UserMixin):
    id = None
    email = None
    username = None
    type = 'base'

    def get_id(self):
        return unicode("%s/%s" % (self.type, self.id))

    def get_auth_token(self):
        key = sha256(self.auth_token_id).hexdigest()
        return BaseUser.signer(key).dumps(dict(id=self.id))

    @property
    def auth_token_id(self):
        raise NotImplementedError

    @property
    def avatar(self):
        return gravatar_url(self.email)

    @staticmethod
    def load_user(*args, **kwargs):
        raise NotImplementedError

    @staticmethod
    def signer(salt):
        return URLSafeSerializer(current_app.config['SECRET_KEY'] + salt)

    @staticmethod
    def hash_password(password):
        return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))

    @staticmethod
    def check_password(password, hashed):
        return bcrypt.hashpw(password.encode('utf-8'), hashed.encode('utf-8')) == hashed

    @classmethod
    def logout(cls):
        logout_user()

    @staticmethod
    def login_form():
        pass

login_manager.anonymous_user = AnonUser
use application factory, WIP 2014-10-22 00:06:27 +03:00			`from flask import current_app`
ldap second pass, working state 2015-10-15 23:55:38 +03:00			`from flask.ext.login import UserMixin, logout_user, AnonymousUserMixin`
first pass, non-working 2015-10-14 06:52:30 +03:00			`from realms import login_manager`
WIP 2014-08-30 18:06:12 +03:00			`from realms.lib.util import gravatar_url`
WIP 2014-08-20 18:28:25 +03:00			`from itsdangerous import URLSafeSerializer, BadSignature`
			`from hashlib import sha256`
			`import bcrypt`
first pass, non-working 2015-10-14 06:52:30 +03:00			`import importlib`
WIP 2014-08-20 18:28:25 +03:00

			`@login_manager.user_loader`
first pass, non-working 2015-10-14 06:52:30 +03:00			`def load_user(auth_id):`
			`return Auth.load_user(auth_id)`
WIP 2014-08-20 18:28:25 +03:00
first pass, non-working 2015-10-14 06:52:30 +03:00			`auth_users = {}`
WIP 2014-08-20 18:28:25 +03:00

first pass, non-working 2015-10-14 06:52:30 +03:00			`class Auth(object):`
WIP 2014-08-20 18:28:25 +03:00
first pass, non-working 2015-10-14 06:52:30 +03:00			`@staticmethod`
			`def get_auth_user(auth_type):`
			`mod = importlib.import_module('realms.modules.auth.%s.models' % auth_type)`
			`return mod.User`
WIP 2014-08-20 18:28:25 +03:00
first pass, non-working 2015-10-14 06:52:30 +03:00			`@staticmethod`
			`def load_user(auth_id):`
			`auth_type, user_id = auth_id.split("/")`
			`return Auth.get_auth_user(auth_type).load_user(user_id)`
WIP 2014-08-20 18:28:25 +03:00
first pass, non-working 2015-10-14 06:52:30 +03:00			`@staticmethod`
			`def login_forms():`
			`forms = []`
			`# TODO be dynamic`
ldap first pass 2015-10-15 01:36:22 +03:00			`for t in ['local', 'ldap']:`
first pass, non-working 2015-10-14 06:52:30 +03:00			`forms.append(Auth.get_auth_user(t).login_form())`
			`return forms`
WIP 2014-08-20 18:28:25 +03:00

WIP 2014-08-30 18:06:12 +03:00			`class AnonUser(AnonymousUserMixin):`
			`username = 'Anon'`
			`email = ''`
worked on assets bundling, added admin field 2014-09-04 05:29:47 +03:00			`admin = False`
WIP 2014-08-30 18:06:12 +03:00
WIP 2014-08-20 18:28:25 +03:00
first pass, non-working 2015-10-14 06:52:30 +03:00			`class BaseUser(UserMixin):`
			`id = None`
			`email = None`
			`username = None`
			`type = 'base'`
WIP 2014-08-20 18:28:25 +03:00
first pass, non-working 2015-10-14 06:52:30 +03:00			`def get_id(self):`
			`return unicode("%s/%s" % (self.type, self.id))`
WIP 2014-08-20 18:28:25 +03:00
			`def get_auth_token(self):`
first pass, non-working 2015-10-14 06:52:30 +03:00			`key = sha256(self.auth_token_id).hexdigest()`
			`return BaseUser.signer(key).dumps(dict(id=self.id))`

			`@property`
			`def auth_token_id(self):`
			`raise NotImplementedError`
WIP 2014-08-30 18:06:12 +03:00
			`@property`
			`def avatar(self):`
			`return gravatar_url(self.email)`
WIP 2014-08-20 18:28:25 +03:00
			`@staticmethod`
first pass, non-working 2015-10-14 06:52:30 +03:00			`def load_user(args, *kwargs):`
			`raise NotImplementedError`

WIP 2014-08-20 18:28:25 +03:00			`@staticmethod`
WIP 2014-08-30 18:06:12 +03:00			`def signer(salt):`
use application factory, WIP 2014-10-22 00:06:27 +03:00			`return URLSafeSerializer(current_app.config['SECRET_KEY'] + salt)`
WIP 2014-08-20 18:28:25 +03:00
			`@staticmethod`
WIP 2014-08-30 18:06:12 +03:00			`def hash_password(password):`
			`return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))`

			`@staticmethod`
			`def check_password(password, hashed):`
			`return bcrypt.hashpw(password.encode('utf-8'), hashed.encode('utf-8')) == hashed`
WIP 2014-08-20 18:28:25 +03:00
			`@classmethod`
			`def logout(cls):`
			`logout_user()`

first pass, non-working 2015-10-14 06:52:30 +03:00			`@staticmethod`
			`def login_form():`
			`pass`

updated dockerfile, spacing adjustments 2014-11-17 19:25:26 +02:00			`login_manager.anonymous_user = AnonUser`