2022-01-15 02:23:50 +02:00
|
|
|
import logging
|
|
|
|
import time
|
|
|
|
from typing import Optional, Dict, Any, Tuple
|
2022-04-11 00:23:55 -05:00
|
|
|
import jwt
|
|
|
|
from jwt import PyJWTError
|
2022-01-15 02:23:50 +02:00
|
|
|
|
2022-04-11 00:23:55 -05:00
|
|
|
from app.classes.models.users import helper_users, ApiKeys
|
2022-03-08 04:40:44 +00:00
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
2022-01-15 02:23:50 +02:00
|
|
|
|
2022-03-23 02:50:12 +00:00
|
|
|
|
2022-01-15 02:23:50 +02:00
|
|
|
class Authentication:
|
2022-04-11 00:23:55 -05:00
|
|
|
def __init__(self, helper):
|
|
|
|
self.helper = helper
|
2022-01-15 02:23:50 +02:00
|
|
|
self.secret = "my secret"
|
2022-04-11 00:23:55 -05:00
|
|
|
self.secret = self.helper.get_setting("apikey_secret", None)
|
2022-01-15 02:23:50 +02:00
|
|
|
|
2022-03-23 02:50:12 +00:00
|
|
|
if self.secret is None or self.secret == "random":
|
2022-04-11 00:23:55 -05:00
|
|
|
self.secret = self.helper.random_string_generator(64)
|
|
|
|
self.helper.set_setting("apikey_secret", self.secret)
|
2022-01-15 02:23:50 +02:00
|
|
|
|
2022-04-11 00:23:55 -05:00
|
|
|
def generate(self, user_id, extra=None):
|
2022-01-15 02:23:50 +02:00
|
|
|
if extra is None:
|
|
|
|
extra = {}
|
2022-04-10 19:39:31 +00:00
|
|
|
jwt_encoded = jwt.encode(
|
2022-03-23 02:50:12 +00:00
|
|
|
{"user_id": user_id, "iat": int(time.time()), **extra},
|
2022-04-11 00:23:55 -05:00
|
|
|
self.secret,
|
2022-03-23 02:50:12 +00:00
|
|
|
algorithm="HS256",
|
2022-01-15 02:23:50 +02:00
|
|
|
)
|
2022-04-10 19:39:31 +00:00
|
|
|
return jwt_encoded
|
2022-01-15 02:23:50 +02:00
|
|
|
|
2022-04-11 00:23:55 -05:00
|
|
|
def read(self, token):
|
|
|
|
return jwt.decode(token, self.secret, algorithms=["HS256"])
|
2022-01-15 02:23:50 +02:00
|
|
|
|
2022-04-11 00:23:55 -05:00
|
|
|
def check_no_iat(self, token) -> Optional[Dict[str, Any]]:
|
2022-01-15 02:23:50 +02:00
|
|
|
try:
|
2022-04-11 00:23:55 -05:00
|
|
|
return jwt.decode(token, self.secret, algorithms=["HS256"])
|
2022-01-15 02:23:50 +02:00
|
|
|
except PyJWTError as error:
|
|
|
|
logger.debug("Error while checking JWT token: ", exc_info=error)
|
|
|
|
return None
|
|
|
|
|
2022-03-23 02:50:12 +00:00
|
|
|
def check(
|
2022-04-11 00:23:55 -05:00
|
|
|
self,
|
2022-03-23 02:50:12 +00:00
|
|
|
token,
|
|
|
|
) -> Optional[Tuple[Optional[ApiKeys], Dict[str, Any], Dict[str, Any]]]:
|
2022-01-15 02:23:50 +02:00
|
|
|
try:
|
2022-04-11 00:23:55 -05:00
|
|
|
data = jwt.decode(token, self.secret, algorithms=["HS256"])
|
2022-01-15 02:23:50 +02:00
|
|
|
except PyJWTError as error:
|
|
|
|
logger.debug("Error while checking JWT token: ", exc_info=error)
|
|
|
|
return None
|
2022-03-23 02:50:12 +00:00
|
|
|
iat: int = data["iat"]
|
2022-01-15 02:23:50 +02:00
|
|
|
key: Optional[ApiKeys] = None
|
2022-03-23 02:50:12 +00:00
|
|
|
if "token_id" in data:
|
|
|
|
key_id = data["token_id"]
|
2022-04-11 00:23:55 -05:00
|
|
|
key = helper_users.get_user_api_key(key_id)
|
2022-01-15 02:23:50 +02:00
|
|
|
if key is None:
|
|
|
|
return None
|
2022-03-23 02:50:12 +00:00
|
|
|
user_id: str = data["user_id"]
|
2022-04-11 00:23:55 -05:00
|
|
|
user = helper_users.get_user(user_id)
|
2022-03-23 06:06:13 +00:00
|
|
|
# TODO: Have a cache or something so we don't constantly
|
|
|
|
# have to query the database
|
2022-03-23 02:50:12 +00:00
|
|
|
if int(user.get("valid_tokens_from").timestamp()) < iat:
|
2022-01-15 02:23:50 +02:00
|
|
|
# Success!
|
|
|
|
return key, data, user
|
|
|
|
else:
|
|
|
|
return None
|
|
|
|
|
2022-04-11 00:23:55 -05:00
|
|
|
def check_bool(self, token) -> bool:
|
|
|
|
return self.check(token) is not None
|