Mercurial > hg > OKFNAnnotator
comparison AuthTokenGenerator.py @ 0:c33668e282fa
first checkin.
author | casties |
---|---|
date | Fri, 23 Mar 2012 16:33:53 +0100 |
parents | |
children | 4c6c8835fc5c |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:c33668e282fa |
---|---|
1 from OFS.SimpleItem import SimpleItem | |
2 from Products.PageTemplates.PageTemplateFile import PageTemplateFile | |
3 from OFS.PropertyManager import PropertyManager | |
4 | |
5 import datetime | |
6 import hashlib | |
7 import json | |
8 | |
9 | |
10 ZERO = datetime.timedelta(0) | |
11 class Utc(datetime.tzinfo): | |
12 def utcoffset(self, dt): | |
13 return ZERO | |
14 | |
15 def tzname(self, dt): | |
16 return "UTC" | |
17 | |
18 def dst(self, dt): | |
19 return ZERO | |
20 UTC = Utc() | |
21 | |
22 | |
23 class AuthTokenGenerator(SimpleItem, PropertyManager): | |
24 """Generator of auth tokens for OKFN Annotator""" | |
25 | |
26 meta_type = 'AuthTokenGenerator' | |
27 _properties=({'id':'consumer_key', 'type': 'string', 'mode': 'w'}, | |
28 {'id':'consumer_secret', 'type': 'string', 'mode': 'w'}, | |
29 ) | |
30 | |
31 manage_options = PropertyManager.manage_options + SimpleItem.manage_options | |
32 | |
33 # Only change this if you're sure you know what you're doing | |
34 consumerTtl = 86400 | |
35 | |
36 def __init__(self, id, consumerKey=None, consumerSecret=None): | |
37 """init document viewer""" | |
38 self.id=id | |
39 self.consumer_key = consumerKey | |
40 self.consumer_secret = consumerSecret | |
41 | |
42 def index_html(self, user='anonymous', password=None): | |
43 """returns authentication token for user""" | |
44 if self._token_allowed(): | |
45 token = self._generate_token(user) | |
46 self.REQUEST.RESPONSE.setHeader("Content-Type", "application/json") | |
47 origin = self.REQUEST.getHeader("Origin", None) | |
48 if origin is not None: | |
49 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", origin) | |
50 else: | |
51 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Origin", "*") | |
52 | |
53 self.REQUEST.RESPONSE.setHeader("Access-Control-Allow-Credentials", "true") | |
54 json.dump(token, self.REQUEST.RESPONSE) | |
55 else: | |
56 self.REQUEST.RESPONSE.setStatus('Forbidden') | |
57 return "SORRY, NOT ALLOWED!" | |
58 | |
59 def _token_allowed(self, user=None, password=None): | |
60 # here we should check the login | |
61 return True | |
62 | |
63 def _generate_token(self, user_id): | |
64 #return JSON-token | |
65 issue_time = datetime.datetime.now(UTC).isoformat() | |
66 token = hashlib.sha256(self.consumer_secret + user_id + issue_time).hexdigest() | |
67 | |
68 return dict( | |
69 consumerKey=self.consumer_key, | |
70 authToken=token, | |
71 authTokenIssueTime=issue_time, | |
72 authTokenTTL=self.consumerTtl, | |
73 userId=user_id | |
74 ) | |
75 | |
76 def manage_addAuthTokenGeneratorForm(self): | |
77 """form for adding AuthTokenGenerator""" | |
78 pt = PageTemplateFile("zpt/manage_addAuthTokenGenerator", globals()).__of__(self) | |
79 return pt() | |
80 | |
81 def manage_addAuthTokenGenerator(context, id, consumerKey=None, consumerSecret=None): | |
82 """ """ | |
83 context._setObject(id, AuthTokenGenerator(id, consumerKey=consumerKey, consumerSecret=consumerSecret)) | |
84 return "AuthTokenGenerator Installed: %s" % id |