from pyramid.security import authenticated_userid, forget, remember
from pyramid.view import view_config
from webob import Response
from webob.exc import HTTPFound
from soter import rolefinder
from soter.models.auth import User, Permission
from soter.models.validation_exception import TryCatchFunction
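@view_config(route_name='v1_auth', renderer='json')
def user_permission(request):
    """Return the caller's authentication state and permission map as JSON.

    Response shape: ``{'isAuthenticated': bool, 'permissions': {name: bool}}``,
    plus ``'name'`` and ``'id'`` when the caller is authenticated.

    The computed dict is cached in ``request.session['auth']`` so later calls
    skip the ``User``/``Permission``/``rolefinder`` lookups.  The cache is only
    trusted when its ``id`` matches the principal from the auth cookie: the
    session is not necessarily reset when a different user logs in, so an
    unchecked cache could answer with a previous user's permissions.

    NOTE(review): because of the cache, permission changes made while a user
    is logged in do not take effect until the session is invalidated (logout).
    """
    user_id = authenticated_userid(request)
    if user_id is None:
        return {'isAuthenticated': False, 'permissions': {}}

    cached = request.session.get('auth')
    # remember() stores str(user.id) as the principal, while the cached dict
    # holds the raw user.id -> compare both as strings.
    if isinstance(cached, dict) and str(cached.get('id')) == str(user_id):
        return cached

    user = User.by_id(user_id)
    if user is None:
        # The cookie names a user that no longer resolves (deleted account);
        # answer as anonymous instead of raising on `user.name` below.
        # NOTE(review): assumes User.by_id returns None for unknown ids -- confirm.
        request.session.pop('auth', None)
        return {'isAuthenticated': False, 'permissions': {}}

    session_perms = rolefinder(user.id, request)
    auth = {
        'isAuthenticated': True,
        'name': user.name,
        'id': user.id,
        # Every known permission is listed explicitly, True only if granted.
        'permissions': {
            item.name: item.name in session_perms for item in Permission.list()
        },
    }
    request.session['auth'] = auth
    return auth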
@view_config(route_name='logout')
def logout(request):
    """End the current session and redirect the browser to the ``home`` route.

    Two independent things are torn down: ``session.invalidate()`` discards
    the session data (including any ``auth`` permission map cached there by
    ``user_permission``), and ``forget()`` yields the headers that clear the
    auth policy's credential; those headers ride on the redirect so the
    browser drops the cookie in the same round trip.

    NOTE(review): the view accepts any HTTP method, so a cross-site GET can
    log the user out (logout CSRF) -- left as-is, flagged only.
    """
    request.session.invalidate()
    return HTTPFound(
        location=request.route_url('home'),
        headers=forget(request),
    )
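def _login_failed():
    """Build the uniform 403 response used for every unsuccessful login.

    The same body and status are returned whether a field was missing or the
    credentials were wrong, so the response does not reveal which it was.
    """
    response = Response("Login failed")
    response.status_int = 403
    return response


@view_config(request_method='POST', route_name='v1_login', renderer='json')
@TryCatchFunction
def login(request):
    """Authenticate a JSON ``{"username": ..., "password": ...}`` POST body.

    On success the auth policy's ``remember()`` headers are added to the
    response, the pre-login session is invalidated, and the same auth dict
    ``user_permission`` produces is returned.  On failure (missing fields or
    ``User.auth`` rejecting the pair) a 403 "Login failed" is returned.
    Exceptions raised inside are handled by ``TryCatchFunction``.
    """
    body = request.json_body
    # A JSON array/scalar body has no .get(); treat it as an empty object so
    # it ends up in the ordinary failure path rather than an AttributeError.
    if not isinstance(body, dict):
        body = {}
    username = body.get('username', None)
    password = body.get('password', None)

    # Reject absent/empty credentials up front instead of handing None to the
    # credential check.
    if not username or not password:
        return _login_failed()

    found, user = User.auth(username, password)
    if not found:
        return _login_failed()

    # Drop whatever session state existed before authentication: this defeats
    # session fixation (a pre-auth session id is not promoted to an
    # authenticated one) and discards any `auth` map cached for a previous
    # user by `user_permission`.
    request.session.invalidate()

    # Append the auth cookie headers rather than replacing the whole header
    # list, so headers already set on the response survive.
    request.response.headerlist.extend(remember(request, str(user.id)))
    request.response.content_type = 'application/json'
    request.response.charset = 'utf8'

    session_perms = rolefinder(user.id, request)
    return {
        'isAuthenticated': True,
        'name': user.name,
        'id': user.id,
        # Every known permission is listed explicitly, True only if granted.
        'permissions': {
            item.name: item.name in session_perms for item in Permission.list()
        },
    }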