Check if the token is valid

2015-04-07 12:42:50 -03:00 · 2015-04-07 12:42:50 -03:00 · 3117111687
commit 3117111687
parent 1715f5dffe
1 changed files with 45 additions and 10 deletions
--- a/attract/application/init.py
+++ b/attract/application/init.py
@ -1,7 +1,9 @@
+import os
+
 from eve import Eve

-import random
-import string
+# import random
+# import string

 from eve.auth import TokenAuth
 from eve.auth import BasicAuth
@ -9,9 +11,45 @@ from eve.io.mongo import Validator
 from bson import ObjectId


+class SystemUtility():
+    def __new__(cls, *args, **kwargs):
+        raise TypeError("Base class may not be instantiated")
+
+    @staticmethod
+    def blender_id_endpoint():
+        """Gets the endpoint for the authentication API. If the env variable
+        is defined, it's possible to override the (default) production address.
+        """
+        return os.environ.get(
+            'BLENDER_ID_ENDPOINT', "https://www.blender.org/id")
+
+
+def validate(token):
+    import requests
+    payload = dict(
+        token=token)
+    try:
+        r = requests.post("{0}/u/validate_token".format(
+            SystemUtility.blender_id_endpoint()), data=payload)
+    except requests.exceptions.ConnectionError as e:
+        raise e
+
+    if r.status_code == 200:
+        message = r.json()['message']
+        valid = r.json()['valid']
+    else:
+        message = ""
+        valid = False
+    return dict(valid=valid, message=message)
+
+
 class TokensAuth(TokenAuth):
    def check_auth(self, token, allowed_roles, resource, method):
-        tokens = app.data.driver.db['tokens']
+        # print (token)
+        validation = validate(token)
+        # print validation['message']
+        return validation['valid']
+        """tokens = app.data.driver.db['tokens']
        lookup = {'token': token}
        token = tokens.find_one(lookup)
        if not token:
@ -23,7 +61,7 @@ class TokensAuth(TokenAuth):
        user = users.find_one(lookup)
        if not user:
            return False
-        return token
+        return token"""

 class BasicsAuth(BasicAuth):
    def check_auth(self, username, password, allowed_roles, resource, method):
@ -63,14 +101,11 @@ class ValidateCustomFields(Validator):
                field, "Error validating properties")


-def add_token(documents):
-    # Don't use this in production:
-    # You should at least make sure that the token is unique.
-    # print ("Adding Token")
+"""def add_token(documents):
    for document in documents:
        document["token"] = (''.join(random.choice(string.ascii_uppercase)
-                                     for x in range(10)))
+                                     for x in range(10)))"""


 app = Eve(validator=ValidateCustomFields, auth=MyTokenAuth)
-app.on_insert_tokens += add_token
+# app.on_insert_tokens += add_token