
[ADD] authentication engine

Gogs 7 年之前
父节点
当前提交
1dc6f4df8e

+ 2 - 1
api/resources/docker_resource.py

@@ -3,6 +3,7 @@ from __future__ import unicode_literals
 from django.conf.urls import url
 from tastypie.resources import Resource
 from tastypie.utils import trailing_slash
+from api.utils.jwt_authentication import JWTAuthentication
 from api.utils.docker_api import (
     get_all_images, 
     get_all_containers, 
@@ -15,7 +16,7 @@ from api.utils.docker_api import (
 '''
 class DockerResource(Resource):
     class Meta:
-       pass
+        authentication = JWTAuthentication()
 
     '''
     '''
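Review bot: Setting `authentication = JWTAuthentication()` on `DockerResource.Meta` only protects views that actually run the authentication check. Tastypie calls `is_authenticated` on its standard `dispatch` path, but a custom view wired through `prepend_urls` and `wrap_view` has to call `self.is_authenticated(request)` itself, and this file imports `url` and `trailing_slash`, which suggests such views exist outside the hunk. Confirm that each custom view begins with `self.method_check(request, allowed=[...])` and `self.is_authenticated(request)`. The same applies to `OdooResource` in api/resources/odoo_resource.py, which receives the identical `Meta` change.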

+ 3 - 3
api/resources/group_resource.py

@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
 from tastypie.resources import ModelResource
-from tastypie.authorization import Authorization
+from api.utils.jwt_authentication import JWTAuthentication
 from django.contrib.auth.models import Group
 
 '''
@@ -9,5 +9,5 @@ from django.contrib.auth.models import Group
 class GroupResource(ModelResource):
     class Meta:
         queryset = Group.objects.all()
-        authorization = Authorization()
-        always_return_data = True
+        always_return_data = True
+        authentication = JWTAuthentication()
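Review bot: Removing `authorization = Authorization()` from `GroupResource.Meta` changes what requests are permitted: with no `authorization` set, tastypie falls back to its default `ReadOnlyAuthorization`, so authenticated clients can read every row but create, update and delete requests are refused. Authentication and authorization are separate settings, and the retained `always_return_data = True` only matters for write requests, which suggests writes are still expected. State the intent explicitly, for example `authorization = DjangoAuthorization()` to tie writes to Django model permissions, or `authorization = ReadOnlyAuthorization()` if read-only access is what is wanted. The same removal is made in task_resource.py and user_resource.py, and in permission_resource.py, which also keeps a now-unused `Authorization` import.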

+ 3 - 2
api/resources/odoo_resource.py

@@ -4,7 +4,6 @@ from django.conf.urls import url
 from django.conf import settings
 from tastypie.resources import Resource
 from tastypie.utils import trailing_slash
-from simplejson import JSONDecodeError
 from core.models.request import Request
 from api.utils.odoo_api import (
     normalize_name,
@@ -19,11 +18,13 @@ from api.utils.odoo_api import (
     create_odoo_container,
     apply_permissions
 )
+from api.utils.jwt_authentication import JWTAuthentication
+from simplejson import JSONDecodeError
 import simplejson as json
 
 class OdooResource(Resource):
     class Meta:
-        pass
+        authentication = JWTAuthentication()
 
     '''
     '''

+ 3 - 2
api/resources/permission_resource.py

@@ -2,6 +2,7 @@
 from __future__ import unicode_literals
 from tastypie.resources import ModelResource
 from tastypie.authorization import Authorization
+from api.utils.jwt_authentication import JWTAuthentication
 from django.contrib.auth.models import Permission
 
 '''
@@ -9,5 +10,5 @@ from django.contrib.auth.models import Permission
 class PermissionResource(ModelResource):
     class Meta:
         queryset = Permission.objects.all()
-        authorization = Authorization()
-        always_return_data = True
+        always_return_data = True
+        authentication = JWTAuthentication()

+ 0 - 29
api/resources/playbook_resource.py

@@ -1,29 +0,0 @@
-# -*- coding: utf-8 -*-
-from __future__ import unicode_literals
-from django.conf.urls import url
-from django.conf import settings
-from tastypie.resources import Resource
-from tastypie.utils import trailing_slash
-from api.utils.command import list_files_and_folders
-from api.utils.docker_api import get_all_containers, get_all_images
-
-'''
-'''
-class PlaybookResource(Resource):
-    class Meta:
-        allowed_methods = ['get']
-
-    '''
-    '''
-    def prepend_urls(self):
-        return [
-            url(r'^(?P<resource_name>%s)/discovery%s$' % (self._meta.resource_name, trailing_slash), self.wrap_view('discovery_playbooks'), name='api_discovery_playbooks'),
-        ]
-
-    '''
-    '''
-    def discovery_playbooks(self, request, **kwargs):
-        get_all_images()
-
-        bundle = self.build_bundle(obj={}, request=request)
-        return self.create_response(request, bundle.obj)

+ 2 - 2
api/resources/task_resource.py

@@ -1,7 +1,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
 from tastypie.resources import ModelResource
-from tastypie.authorization import Authorization
+from api.utils.jwt_authentication import JWTAuthentication
 from core.models.task import Task
 
 '''
@@ -9,4 +9,4 @@ from core.models.task import Task
 class TaskResource(ModelResource):
     class Meta:
         queryset = Task.objects.all()
-        authorization = Authorization()
+        authentication = JWTAuthentication()

+ 3 - 2
api/resources/user_resource.py

@@ -6,9 +6,10 @@ from tastypie.authorization import Authorization
 from tastypie.exceptions import ImmediateHttpResponse
 from tastypie.utils import trailing_slash
 from django.conf.urls import url
-from core.models.user import User
+from django.contrib.auth.models import User
 from api.validations.user_validation import UserValidation
 from api.resources.group_resource import GroupResource
+from api.utils.jwt_authentication import JWTAuthentication
 import simplejson as json
 
 '''
@@ -18,9 +19,9 @@ class UserResource(ModelResource):
 
     class Meta:
         queryset = User.objects.all()
-        authorization = Authorization()
         always_return_data = True
         validation = UserValidation()
+        authentication = JWTAuthentication()
 
     '''
     '''
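Review bot: `UserResource.Meta` as shown serializes every column of `django.contrib.auth.models.User`, because it sets `queryset = User.objects.all()` with no `fields` or `excludes`; that includes the `password` hash along with `is_superuser` and `is_staff`. Unless something outside the hunk strips it, every authenticated client receives the password hashes of all accounts in list and detail responses. Add `excludes = ['password']` (or an explicit `fields` allow-list) to `Meta`. The class body continues outside the hunk, so check whether a `dehydrate` method already removes these fields.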

+ 0 - 2
api/urls.py

@@ -9,7 +9,6 @@ from api.resources.group_resource import GroupResource
 from api.resources.jwt_resource import JWTResource
 from api.resources.request_resource import RequestResource
 from api.resources.task_resource import TaskResource
-from api.resources.playbook_resource import PlaybookResource
 from api.resources.docker_resource import DockerResource
 from api.resources.odoo_resource import OdooResource
 
@@ -20,6 +19,5 @@ v1_api.register(GroupResource())
 v1_api.register(JWTResource())
 v1_api.register(RequestResource())
 v1_api.register(TaskResource())
-v1_api.register(PlaybookResource())
 v1_api.register(DockerResource())
 v1_api.register(OdooResource())

+ 0 - 2
api/utils/ansible.py

@@ -1,2 +0,0 @@
-# -*- coding: utf-8 -*-
-from __future__ import unicode_literals

+ 1 - 0
api/utils/jwt_authentication.py

@@ -10,6 +10,7 @@ class JWTAuthentication(Authentication):
     '''
     '''
     def is_authenticated(self, request, **kwargs):
+
         # Check content type
         if request.content_type != 'application/json':
             return False

+ 12 - 2
api/utils/jwt_token.py

@@ -5,7 +5,7 @@ from django.conf import settings
 from django.contrib.auth import authenticate
 from django.contrib.auth.models import User
 from django.utils.crypto import constant_time_compare
-
+from jwt import DecodeError
 import jwt
 
 '''
@@ -35,7 +35,12 @@ def explode_token(token):
     if not settings.JWT_SECRET_KEY:
         return None
 
-    payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithm='HS256')
+    payload = None
+
+    try:
+        payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithm='HS256')
+    except DecodeError:
+        return False
 
     # Check payload parameters
     if 'uid' not in payload or 'password' not in payload:
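Review bot: The `jwt.decode` call inside the new `try` passes `algorithm='HS256'`, but PyJWT's `decode` takes the allow-list as `algorithms` (a list). Depending on the installed PyJWT version, the singular keyword is either ignored, leaving the accepted algorithm unpinned, or makes every decode fail; use `payload = jwt.decode(token, settings.JWT_SECRET_KEY, algorithms=['HS256'])`. The handler also catches only `DecodeError`, so an expired token (`ExpiredSignatureError`) still propagates as an unhandled exception; `except jwt.InvalidTokenError:` covers both. The function returns `None` when the secret is missing and `False` here, so callers must treat both as failure. `explode_token` starts and ends outside the hunk.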
@@ -67,6 +72,11 @@ def get_username(token):
 '''
 def check_token(token):
     payload = explode_token(token)
+     
+    if not payload:
+        return False
+
+    print(payload['uid'])
 
     user = User.objects.get(pk=payload['uid'])
 
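Review bot: `print(payload['uid'])` is debugging output left in the token check; it writes a user id to stdout on every call and should be removed. The following `User.objects.get(pk=payload['uid'])` raises `User.DoesNotExist` when a token refers to an account that has since been deleted. Nothing visible in the hunk catches it, so that case would surface as a server error instead of a rejected token. Wrap the lookup in a `try` with `except User.DoesNotExist: return False`. `check_token` continues past the end of the hunk.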

+ 1 - 0
api/validations/user_validation.py

@@ -3,6 +3,7 @@ from __future__ import unicode_literals
 from tastypie.validation import Validation
 
 class UserValidation(Validation):
+    
     '''
     '''
     def is_valid(self, bundle, request=None):

+ 0 - 7
core/admin.py

@@ -1,7 +0,0 @@
-# -*- coding: utf-8 -*-
-from __future__ import unicode_literals
-from django.contrib import admin
-from django.contrib.auth.admin import UserAdmin
-from core.models.user import User
-
-admin.site.register(User, UserAdmin)

+ 3 - 32
core/migrations/0001_initial.py

@@ -1,13 +1,10 @@
 # -*- coding: utf-8 -*-
-# Generated by Django 1.11 on 2018-03-02 14:06
+# Generated by Django 1.11 on 2018-03-28 19:06
 from __future__ import unicode_literals
 
 from django.conf import settings
-import django.contrib.auth.models
-import django.contrib.auth.validators
 from django.db import migrations, models
 import django.db.models.deletion
-import django.utils.timezone
 
 
 class Migration(migrations.Migration):
@@ -15,36 +12,10 @@ class Migration(migrations.Migration):
     initial = True
 
     dependencies = [
-        ('auth', '0008_alter_user_username_max_length'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
     ]
 
     operations = [
-        migrations.CreateModel(
-            name='User',
-            fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('password', models.CharField(max_length=128, verbose_name='password')),
-                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
-                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
-                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.ASCIIUsernameValidator()], verbose_name='username')),
-                ('first_name', models.CharField(blank=True, max_length=30, verbose_name='first name')),
-                ('last_name', models.CharField(blank=True, max_length=30, verbose_name='last name')),
-                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
-                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
-                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
-                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
-                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')),
-                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')),
-            ],
-            options={
-                'abstract': False,
-                'verbose_name': 'user',
-                'verbose_name_plural': 'users',
-            },
-            managers=[
-                ('objects', django.contrib.auth.models.UserManager()),
-            ],
-        ),
         migrations.CreateModel(
             name='Request',
             fields=[
@@ -53,6 +24,7 @@ class Migration(migrations.Migration):
                 ('create_at', models.DateTimeField(auto_now_add=True)),
                 ('update_at', models.DateTimeField(auto_now=True)),
                 ('status', models.PositiveSmallIntegerField(choices=[(1, 'Abierto'), (2, 'Rechazado'), (3, 'Procesando'), (4, 'Hecho'), (5, 'Error')], default=1)),
+                ('issue', models.CharField(blank=True, max_length=100)),
                 ('user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
             ],
             options={
@@ -66,7 +38,6 @@ class Migration(migrations.Migration):
                 ('name', models.CharField(max_length=35)),
                 ('create_at', models.DateTimeField(auto_now_add=True)),
                 ('update_at', models.DateTimeField(auto_now=True)),
-                ('playbook_name', models.CharField(max_length=35)),
                 ('last_execution', models.DateTimeField()),
                 ('request', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, to='core.Request')),
             ],

+ 0 - 19
core/migrations/0002_remove_task_playbook_name.py

@@ -1,19 +0,0 @@
-# -*- coding: utf-8 -*-
-# Generated by Django 1.11 on 2018-03-27 18:48
-from __future__ import unicode_literals
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('core', '0001_initial'),
-    ]
-
-    operations = [
-        migrations.RemoveField(
-            model_name='task',
-            name='playbook_name',
-        ),
-    ]

+ 0 - 20
core/migrations/0003_request_issue.py

@@ -1,20 +0,0 @@
-# -*- coding: utf-8 -*-
-# Generated by Django 1.11 on 2018-03-27 18:57
-from __future__ import unicode_literals
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('core', '0002_remove_task_playbook_name'),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name='request',
-            name='issue',
-            field=models.CharField(blank=True, max_length=100),
-        ),
-    ]

+ 0 - 1
core/models/__init__.py

@@ -1,5 +1,4 @@
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
-from .user import User
 from .request import Request
 from .task import Task

+ 1 - 1
core/models/request.py

@@ -1,8 +1,8 @@
 # -*- coding: utf-8 -*-
 from __future__ import unicode_literals
 from django.db import models
+from django.contrib.auth.models import User
 from core.models.base import Base
-from core.models.user import User
 
 REQUEST_STATUSES = (
     (1, 'Abierto'),

+ 0 - 10
core/models/user.py

@@ -1,10 +0,0 @@
-# -*- coding: utf-8 -*-
-from __future__ import unicode_literals
-from django.contrib.auth.models import AbstractUser
-from django.contrib import auth
-from django.db import models
-
-'''
-'''
-class User(AbstractUser):
-    pass

+ 1 - 1
odoo_control/settings.py

@@ -64,7 +64,7 @@ AUTH_PASSWORD_VALIDATORS = [
         'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
     },
 ]
-AUTH_USER_MODEL = 'core.User'
+# AUTH_USER_MODEL = 'core.User'
 LANGUAGE_CODE = 'es-PY'
 TIME_ZONE = 'UTC'
 USE_I18N = True
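Review bot: `# AUTH_USER_MODEL = 'core.User'` leaves dead configuration behind; since `core/models/user.py` is deleted in this commit, delete the line rather than commenting it out. Switching the user model on a database that has already been migrated is not covered by the rewritten `0001_initial.py` alone. An existing deployment would still hold the old user table and its applied migration records, so existing accounts would need a data migration or a fresh database. Also consider referencing `settings.AUTH_USER_MODEL` in core/models/request.py instead of importing `User` directly, matching what the migration does.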