eirugit
/
eiru_automation


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110
							# -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.conf.urls import url
from tastypie import http
from tastypie.resources import Resource
from tastypie.utils import trailing_slash
from tastypie.exceptions import ImmediateHttpResponse
from api.utils import jwt_token
from api.utils.logger import (
    info,
    warning
)
from api.utils.email import send_email
import simplejson as json

'''
'''
class JWTResource(Resource):
    class Meta:
        allowed_methods = ['post']
        resource_name = 'auth'

    '''
    '''
    def prepend_urls(self):
        return [
            url(r'^%s/get_token%s$' % (self._meta.resource_name, trailing_slash), self.wrap_view('get_token'), name="api_get_token"),
            url(r'^%s/check_token%s$' % (self._meta.resource_name, trailing_slash), self.wrap_view('check_token'), name="api_check_token"),
        ]

    '''
    '''
    def get_token(self, request, **kwargs):
        self.method_check(request, allowed=self._meta.allowed_methods)

        # Check content type
        if request.content_type != 'application/json':
            warning('request is not json')
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        # Check body
        if not request.body:
            warning('request body not exists')
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        # Check required parameters
        body = json.loads(request.body)
        if 'username' not in body or 'password' not in body:
            warning('username or password not provided')
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        # Check user
        token = jwt_token.create_token(body['username'], body['password'])
        if not token:
            warning('empty token')
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        info('%s authenticated' % body['username'])

        # Send email
        email_sended = send_email(
            'El usuario %s se autenticó al sistema con un nuevo token.\n%s' % (body['username'], token),
            body['username'],
            only_admins=True
        )

        if not email_sended:
            warning('%s email not sended' % body['username'])
        else:
            info('%s email sended' % body['username'])

        # Build bundle
        bundle = self.build_bundle(obj={
            'token': token,
            'username': body['username']
        }, request=request)

        return self.create_response(request, bundle.obj)

    '''
    '''
    def check_token(self, request, **kwargs):
        self.method_check(request, allowed=self._meta.allowed_methods)

         # Check content type
        if request.content_type != 'application/json':
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        # Check body
        if not request.body:
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        # Check required parameters
        body = json.loads(request.body)
        if 'token' not in body:
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        (user, ok) = jwt_token.check_token(body['token'])

        # Check status
        response_status = (401, 200)[bool(ok)]
        if response_status == 401:
            raise ImmediateHttpResponse(response=http.HttpUnauthorized())

        bundle = self.build_bundle(obj={
            'token': body['token'],
            'username': user.username
        }, request=request)

        return self.create_response(request, bundle.obj)