You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kibble.apache.org by hu...@apache.org on 2018/09/18 16:21:24 UTC
[kibble] 01/02: adopt a token system for API access outside browsers
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/kibble.git
commit 34dc05038cd92f71fc1aed58521412b74b9017d4
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Sep 18 18:20:56 2018 +0200
adopt a token system for API access outside browsers
the token is autogenerated on your first login,
and needs to be changable/resettable.
---
api/plugins/session.py | 66 ++++++++++++++++++++++++++++----------------------
1 file changed, 37 insertions(+), 29 deletions(-)
diff --git a/api/plugins/session.py b/api/plugins/session.py
index 6476135..40e0b59 100644
--- a/api/plugins/session.py
+++ b/api/plugins/session.py
@@ -107,34 +107,42 @@ class KibbleSession(object):
# Get Kibble cookie
cookie = None
cookies = None
- if 'HTTP_COOKIE' in environ:
- cookies = http.cookies.SimpleCookie(environ['HTTP_COOKIE'])
- if cookies and 'kibble_session' in cookies:
- cookie = cookies['kibble_session'].value
- try:
- if re.match(r"^[-a-f0-9]+$", cookie): # Validate cookie, must follow UUID4 specs
- doc = None
- sdoc = self.DB.ES.get(index=self.DB.dbname, doc_type='uisession', id = cookie)
- if sdoc and 'cid' in sdoc['_source']:
- doc = self.DB.ES.get(index=self.DB.dbname, doc_type='useraccount', id = sdoc['_source']['cid'])
- if doc and '_source' in doc:
- # Make sure this cookie has been used in the past 7 days, else nullify it.
- # Further more, run an update of the session if >1 hour ago since last update.
- age = time.time() - sdoc['_source']['timestamp']
- if age > (7*86400):
- self.DB.ES.delete(index=self.DB.dbname, doc_type='uisession', id = cookie)
- sdoc['_source'] = None # Wipe it!
- doc = None
- elif age > 3600:
- sdoc['_source']['timestamp'] = int(time.time()) # Update timestamp in session DB
- self.DB.ES.update(index=self.DB.dbname, doc_type='uisession', id = cookie, body = {'doc':sdoc['_source']})
- if doc:
- self.user = doc['_source']
- else:
- cookie = None
- except Exception as err:
- print(err)
- if not cookie:
- self.newCookie()
+ if 'HTTP_KIBBLE_TOKEN' in environ:
+ token = environ.get('HTTP_KIBBLE_TOKEN')
+ if re.match(r"^[-a-f0-9]+$", token): # Validate token, must follow UUID4 specs
+ res = self.DB.ES.search(index=self.DB.dbname, doc_type='useraccount', body = {"query": { "match": { "token": token}}})
+ if res['hits']['hits']:
+ self.user = res['hits']['hits'][0]['_source']
+ self.newCookie()
+ else:
+ if 'HTTP_COOKIE' in environ:
+ cookies = http.cookies.SimpleCookie(environ['HTTP_COOKIE'])
+ if cookies and 'kibble_session' in cookies:
+ cookie = cookies['kibble_session'].value
+ try:
+ if re.match(r"^[-a-f0-9]+$", cookie): # Validate cookie, must follow UUID4 specs
+ doc = None
+ sdoc = self.DB.ES.get(index=self.DB.dbname, doc_type='uisession', id = cookie)
+ if sdoc and 'cid' in sdoc['_source']:
+ doc = self.DB.ES.get(index=self.DB.dbname, doc_type='useraccount', id = sdoc['_source']['cid'])
+ if doc and '_source' in doc:
+ # Make sure this cookie has been used in the past 7 days, else nullify it.
+ # Further more, run an update of the session if >1 hour ago since last update.
+ age = time.time() - sdoc['_source']['timestamp']
+ if age > (7*86400):
+ self.DB.ES.delete(index=self.DB.dbname, doc_type='uisession', id = cookie)
+ sdoc['_source'] = None # Wipe it!
+ doc = None
+ elif age > 3600:
+ sdoc['_source']['timestamp'] = int(time.time()) # Update timestamp in session DB
+ self.DB.ES.update(index=self.DB.dbname, doc_type='uisession', id = cookie, body = {'doc':sdoc['_source']})
+ if doc:
+ self.user = doc['_source']
+ else:
+ cookie = None
+ except Exception as err:
+ print(err)
+ if not cookie:
+ self.newCookie()
self.cookie = cookie
\ No newline at end of file