Skip to content
Snippets Groups Projects
Normal view History Permalink
db.py 2.36 KiB
Newer Older
Mark's avatar
Refactor
Mark committed
1 2 3 4 
from os import environ
from hydra_client import HydraAdmin
from flask_login import UserMixin
from graphqlclient import GraphQLClient
Mark's avatar
Align consent and login provider  
Mark committed
5 
import urllib
Mark's avatar
Merge latest commits  
Mark committed
6 
import json
Mark's avatar
Refactor
Mark committed
7 8 9 10 

GRAPHQL_URL = environ['GRAPHQL_URL']
graphql_client = GraphQLClient(GRAPHQL_URL)
Mark's avatar
Refactor  
Mark committed
11
Mark's avatar
Refactor
Mark committed
12 13 14 15 16 
class User(UserMixin):
    def __init__(self, username):
        self.id = username
        self.username = username
        self.active = False
Mark's avatar
Align consent and login provider  
Mark committed
17 18 19 20 21 22 23 
        try:
            self._load_remote_user_info()
        except urllib.error.HTTPError as error:
            raise BackendConnectionError(
                error.code,
                error.headers,
                ("Error during retrieval of userdata - " + error.reason))
Mark's avatar
Refactor
Mark committed
24 25 

    def _load_remote_user_info(self):
Mark's avatar
Add comments and update README  
Mark committed
26 
        """Loads userdata from remote GraphQL API"""
Mark's avatar
Refactor
Mark committed
27 28 29 30 
        querystring = '''{{
        getUser(username: "{0}"){{
            email,
            active
Mark's avatar
Merge branch 'master' into integration-user-panel  
Mark committed
31 
            }}}}'''.format(self.username)
Mark's avatar
Merge latest commits  
Mark committed
32 
        result = json.loads(graphql_client.execute(querystring))
Mark's avatar
Handle login with unknown user  
Mark committed
33 
        if "data" in result and result["data"]["getUser"] is not None:
Mark's avatar
Refactor
Mark committed
34 35 36 
            self.active = result["data"]["getUser"]["active"]
            self.email = result["data"]["getUser"]["email"]
Mark's avatar
Refactor user authentication function  
Mark committed
37 
    def _verify_password(self, password):
Mark's avatar
Add comments and update README  
Mark committed
38 39 
        """Verifies cleartext password
Mark's avatar
Refactor comment  
Mark committed
40 
        Sends the cleartext `password` to the GraphQL API
Mark's avatar
Add comments and update README  
Mark committed
41 42 43 44 45 46 47 48 49 
        which verifies the password by hashing it and comparing it to a stored password
        hash.

        Args:
            password: cleartext password

        Returns:
            Boolean result of password verification
        """
Mark's avatar
Escape quote char  
Mark committed
50 
        password = password.replace('"', '\\"')
Mark's avatar
Refactor
Mark committed
51 52 53 54 
        querystring = '''{{
        verifyPassword(
            username: "{0}",
            password: "{1}")
Mark's avatar
Fix bugs caused by merge  
Mark committed
55 
            }}'''.format(self.username, password)
Mark's avatar
Merge latest commits  
Mark committed
56 
        result = json.loads(graphql_client.execute(querystring))
Mark's avatar
Refactor
Mark committed
57 58 59 60 61 
        verified = False
        if "data" in result:
            verified = result["data"]["verifyPassword"]
        return verified
Mark's avatar
Refactor user authentication function  
Mark committed
62 63 
    def authenticate(self, password):
        return self.active and self._verify_password(password)
Mark's avatar
Align consent and login provider  
Mark committed
64 65 66 67 68 69 70 71 72 73 74 75 76 

class BackendConnectionError(Exception):
    """Raised when requests to the backend server fail

    Attributes:
        code -- http response code
        headers -- http response headers
        reason -- reson for the error
    """
    def __init__(self, code, headers, reason):
        self.code = code
        self.headers = headers
        self.reason = reason