Diffstat (limited to 'app/api/auth/auth.py')
-rw-r--r-- | app/api/auth/auth.py | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/app/api/auth/auth.py b/app/api/auth/auth.py
new file mode 100644
index 0000000..04fc4b9
--- /dev/null
+++ b/app/api/auth/auth.py
@@ -0,0 +1,71 @@
+###############################################################################
+# Copyright (c) 2017 Koren Lev (Cisco Systems), Yaron Yogev (Cisco Systems) #
+# and others #
+# #
+# All rights reserved. This program and the accompanying materials #
+# are made available under the terms of the Apache License, Version 2.0 #
+# which accompanies this distribution, and is available at #
+# http://www.apache.org/licenses/LICENSE-2.0 #
+###############################################################################
+from api.auth.token import Token
+from api.backends.ldap_access import LDAPAccess
+from utils.inventory_mgr import InventoryMgr
+from utils.logging.full_logger import FullLogger
+
+
+class Auth:
+
+ def __init__(self):
+ super().__init__()
+ self.inv = InventoryMgr()
+ self.log = FullLogger()
+ self.tokens_coll = self.inv.client['tokens']['api_tokens']
+ self.ldap_access = LDAPAccess()
+
+ def get_token(self, token):
+ tokens = None
+ try:
+ tokens = list(self.tokens_coll.find({'token': token}))
+ except Exception as e:
+ self.log.error('Failed to get token for ', str(e))
+
+ return tokens
+
+ def write_token(self, token):
+ error = None
+ try:
+ self.tokens_coll.insert_one(token)
+ except Exception as e:
+ self.log.error("Failed to write new token {0} to database for {1}"
+ .format(token[token], str(e)))
+ error = 'Failed to create new token'
+
+ return error
+
+ def delete_token(self, token):
+ error = None
+ try:
+ self.tokens_coll.delete_one({'token': token})
+ except Exception as e:
+ self.log.error('Failed to delete token {0} for {1}'.
+ format(token, str(e)))
+ error = 'Failed to delete token {0}'.format(token)
+
+ return error
+
+ def validate_credentials(self, username, pwd):
+ return self.ldap_access.authenticate_user(username, pwd)
+
+ def validate_token(self, token):
+ error = None
+ tokens = self.get_token(token)
+ if not tokens:
+ error = "Token {0} doesn't exist".format(token)
+ elif len(tokens) > 1:
+ self.log.error('Multiple tokens found for {0}'.format(token))
+ error = "Multiple tokens found"
+ else:
+ t = tokens[0]
+ error = Token.validate_token(t)
+
+ return error |
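Review bot: In `write_token`, the except handler formats `token[token]`, which indexes the token document with itself; for the dict handed to `insert_one` that raises `TypeError` inside the handler, so the original database error is lost and the caller gets an exception instead of the `'Failed to create new token'` return value. The lookup was presumably meant to be `token['token']`, but writing the bearer value to the log is itself a credential leak, as are the raw token in the `delete_token` and `validate_token` log lines and in the returned `"Token {0} doesn't exist"` message; log only the failure, e.g. `self.log.error("Failed to write new token to database: {0}".format(e))`. `get_token` passes `str(e)` as a second positional argument to `self.log.error` with no placeholder in the message; if FullLogger follows the stdlib logging signature, the exception text is not rendered, so `'Failed to get token: {0}'.format(e)` would be safer. Because `find({'token': token})` matches on the plaintext value, it is also worth confirming that callers only ever pass a string here, and considering storing a hash of the token rather than the token itself.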