aji/authsquare
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: aji:6d0126911b3691328fdaf0865a34431cbbafd530
Branches Tags
aji:master
aji:renaming
aji:dashboard
aji:prime
..
compare: aji:4322a5803fb4700eb7fc033e62776384e8cf3a04
Branches Tags
aji:master
aji:renaming
aji:dashboard
aji:prime

No commits in common. "6d0126911b3691328fdaf0865a34431cbbafd530" and "4322a5803fb4700eb7fc033e62776384e8cf3a04" have entirely different histories.
6d0126911b ... 4322a5803f

1 changed files with 99 additions and 107 deletions
Show Stats Expand all files Collapse all files

206
app/procedure/validation.py
View File

@ -1,6 +1,6 @@
import mysql.connector as mariadb import mysql.connector as mariadb
import datetime import datetime
from bottle import request, abort, redirect from bottle import request
from config import database, globalvar from config import database, globalvar
from scripts import loggorilla, tokenguard from scripts import loggorilla, tokenguard
@ -11,118 +11,110 @@ class validation():
def account(self, APIADDR, allowed_roles): def account(self, APIADDR, allowed_roles):
response = {} response = {}
loggorilla.prcss(APIADDR, "Define parameters") try:
beaker_session = request.environ.get('beaker.session') loggorilla.prcss(APIADDR, "Define parameters")
jwt = beaker_session["token"] if "token" in beaker_session else None beaker_session = request.environ.get('beaker.session')
if jwt is None: jwt = beaker_session["token"] if "token" in beaker_session else None
loggorilla.fyinf(APIADDR, "Guest") if jwt is None:
r_session = {} loggorilla.fyinf(APIADDR, "Guest")
r_profile = { r_session = {}
"username" :None, r_profile = {
"email" :None, "username" :None,
"phone" :None, "email" :None,
"roles" :[0] "phone" :None,
} "roles" :[0]
else: }
loggorilla.fyinf(APIADDR, "With JWT") else:
loggorilla.fyinf(APIADDR, "With JWT")
loggorilla.prcss(APIADDR, "Get JWT payload data") loggorilla.prcss(APIADDR, "Get JWT payload data")
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public']) payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
loggorilla.prcss(APIADDR, "Get dependency data") loggorilla.prcss(APIADDR, "Get dependency data")
db_main = mariadb.connect(**database.db_main) db_main = mariadb.connect(**database.db_main)
cursor = db_main.cursor(dictionary=True) cursor = db_main.cursor(dictionary=True)
loggorilla.prcss(APIADDR, "Get dependency data: Session") cursor.execute(f"SELECT * FROM auth_session WHERE id = %s ; ", (payload["session"]["id"],) )
cursor.execute(f"SELECT * FROM auth_session WHERE id = %s ; ", (payload["session"]["id"],) ) r_session = cursor.fetchone()
r_session = cursor.fetchone()
loggorilla.prcss(APIADDR, "Get dependency data: Profile") cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) )
cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) ) r_profile = cursor.fetchone()
r_profile = cursor.fetchone()
loggorilla.prcss(APIADDR, "Get dependency data: Roles: execute") cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) )
cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) ) r_roles = cursor.fetchall()
loggorilla.prcss(APIADDR, "Get dependency data: Roles: fetchall") r_profile['roles'] = r_roles['auth_roles']
r_roles = cursor.fetchall()
loggorilla.fyinf(APIADDR, f"r_roles: {r_roles}")
loggorilla.prcss(APIADDR, "Get dependency data: Roles: variable replace")
r_profile['roles'] = [item['auth_roles'] for item in r_roles]
loggorilla.prcss(APIADDR, "Get dependency data: Close DB") cursor.close()
cursor.close() db_main.close()
db_main.close()
loggorilla.prcss(APIADDR, "Validation") loggorilla.prcss(APIADDR, "Validation")
if 0 not in r_profile['roles'] and datetime.datetime.now() > r_session['end']: if 0 not in r_profile['roles'] and datetime.datetime.now() > r_session['end']:
loggorilla.prcss(APIADDR, "Deleting") loggorilla.prcss(APIADDR, "Deleting")
self.cursor.execute("DELETE FROM auth_session WHERE id = %s ; ", (r_session['id'],) ) self.cursor.execute("DELETE FROM auth_session WHERE id = %s ; ", (r_session['id'],) )
loggorilla.prcss(APIADDR, "Giving response") loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "Expired. Your session removed." ) loggorilla.accss(APIADDR, "Expired. Your session removed." )
loggorilla.accss(APIADDR, f"Session: {r_session}" ) loggorilla.accss(APIADDR, f"Session: {r_session}" )
loggorilla.accss(APIADDR, f"Session ID: {r_session['id']}" ) loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" ) response["status" ] = "failed"
response["desc" ] = "Expired. Your session removed."
response["data" ] = {
"valid" :{
"status" : 0,
"desc" : "expired"
},
"session" : r_session,
"profile" : r_profile
}
redirect('/logout?msg=expired')
elif 0 not in r_profile['roles'] and r_profile["count"] == 0:
loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "No active account for this" )
loggorilla.accss(APIADDR, f"Session: {r_session}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
response["status" ] = "failed"
response["desc" ] = "No active account for this"
response["data" ] = {
"message" : "Please contact us if you still had a problem",
"valid" :{
"status" : 0,
"desc" : "fake"
},
"session" : r_session,
"profile" : r_profile
}
abort(403, "Please contact us if you still had a problem.") # 403 Forbidden
elif any(role in allowed_roles for role in r_profile['roles']):
loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "User roles authorized" )
response["status" ] = "success"
response["desc" ] = "User roles authorized"
response["data" ] = {
"valid" :{
"status" : 1,
"desc" : "authorized"
},
"session" : r_session,
"profile" : r_profile
}
return response
else:
loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "User roles unauthorized" )
loggorilla.accss(APIADDR, f"Session: {r_session}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
response["status" ] = "failed"
response["desc" ] = "User roles unauthorized"
response["data" ] = {
"valid" :{
"status" : 0,
"desc" : "unauthorized"
},
"session" : r_session,
"profile" : r_profile
}
abort(401, "User roles unauthorized") # 401 Unauthorized
except Exception as e:
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed" response["status" ] = "failed"
response["desc" ] = "Expired. Your session removed." response["desc" ] = "Internal Server Error. Please contact us if you still have an error."
response["data" ] = {
"valid" :{
"status" : 0,
"desc" : "expired"
},
"session" : r_session,
"profile" : r_profile
}
redirect('/logout?msg=expired')
elif 0 not in r_profile['roles'] and r_profile["count"] == 0:
loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "No active account for this" )
loggorilla.accss(APIADDR, f"Session: {r_session}" )
loggorilla.accss(APIADDR, f"Session ID: {r_session['id']}" )
loggorilla.accss(APIADDR, f"Profile: {r_profile}" )
response["status" ] = "failed"
response["desc" ] = "No active account for this"
response["data" ] = {
"message" : "Please contact us if you still had a problem",
"valid" :{
"status" : 0,
"desc" : "fake"
},
"session" : r_session,
"profile" : r_profile
}
abort(403, "Please contact us if you still had a problem.") # 403 Forbidden
elif any(role in allowed_roles for role in r_profile['roles']):
loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "User roles authorized" )
response["status" ] = "success"
response["desc" ] = "User roles authorized"
response["data" ] = {
"valid" :{
"status" : 1,
"desc" : "authorized"
},
"session" : r_session,
"profile" : r_profile
}
return response return response
else:
loggorilla.prcss(APIADDR, "Giving response")
loggorilla.accss(APIADDR, "User roles unauthorized" )
loggorilla.accss(APIADDR, f"Session ID : {r_session['id']}" )
loggorilla.accss(APIADDR, f"Session Start : {r_session['start'].strftime('%Y-%m-%d %H:%M:%S')}" )
loggorilla.accss(APIADDR, f"Session End : {r_session['end'].strftime('%Y-%m-%d %H:%M:%S')}" )
loggorilla.accss(APIADDR, f"Profile ID : {r_profile['id']}" )
loggorilla.accss(APIADDR, f"Profile Username : {r_profile['username']}" )
loggorilla.accss(APIADDR, f"Profile Email : {r_profile['email']}" )
loggorilla.accss(APIADDR, f"Profile Phone : {r_profile['phone']}" )
response["status" ] = "failed"
response["desc" ] = "User roles unauthorized"
response["data" ] = {
"valid" :{
"status" : 0,
"desc" : "unauthorized"
},
"session" : r_session,
"profile" : r_profile
}
abort(401, "User roles unauthorized") # 401 Unauthorized