vanth/vanth/auth.py

61 lines
1.8 KiB
Python

import json
import uuid
import flask
import sepiida.routing
import vanth.platform.user
PUBLIC_ENDPOINTS = [
'session.get',
'session.post',
'about.get',
]
def register_auth_handlers(app):
app.before_request(require_user)
def endpoint():
if flask.request.endpoint and flask.request.method:
return "{}.{}".format(flask.request.endpoint.lower(), flask.request.method.lower())
def error(code, title, status_code=403):
content = {
'errors' : [{
'code' : code,
'title' : title,
}]
}
return flask.make_response(json.dumps(content), status_code)
def require_user():
user = None
if flask.request.method == 'OPTIONS' and 'Access-Control-Request-Method' in flask.request.headers:
return
if not endpoint():
return error('resource-not-found', 'The resource at URL {} could not be found'.format(flask.request.url), 404)
if 'user_uri' not in flask.session:
if endpoint() in PUBLIC_ENDPOINTS:
return
return error('unauthorized', 'You must provide a valid session cookie', 403)
_, params = sepiida.routing.extract_parameters(flask.current_app, 'GET', flask.session['user_uri'])
user = vanth.platform.user.by_filter({'uuid': [str(params['uuid'])]})
if not user and endpoint() not in PUBLIC_ENDPOINTS:
return error('invalid-user', 'The user tied to your session does not exist. Figure that out', 403)
flask.g.current_user = user[0]
flask.g.session = sepiida.routing.uri('session', flask.session['uuid'])
def current_user():
return getattr(flask.g, 'current_user', None)
def is_authenticated():
return current_user() is not None
def set_session(user):
flask.session['user_uri'] = user['uri']
flask.session['uuid'] = str(uuid.uuid4())