diff options
| author |   SerenaFeng <feng.xiaowei@zte.com.cn> | 2017-08-30 11:59:46 +0800 |
|---|---|---|
| committer | SerenaFeng <feng.xiaowei@zte.com.cn> | 2017-08-31 10:43:14 +0800 |
| commit | 9e36409f1bf52a6fd510c4f4896d85761b59cfa9 (patch) | |
| tree | b5917ad3530efb2856a9a398a78cb7fca3af9e2e /testapi/opnfv_testapi/common | |
| parent | ea7706279a99c03181c348d29c157f70037ed217 (diff) | |
leverage LFID as Authentication
delete openid authentication
add LFID authentication
Change-Id: Iead144b5130bce51448024e65092fdea3bb2f07a
Signed-off-by: SerenaFeng <feng.xiaowei@zte.com.cn>
Diffstat (limited to 'testapi/opnfv_testapi/common')
| -rw-r--r-- | testapi/opnfv_testapi/common/check.py | 35 | ||||
| -rw-r--r-- | testapi/opnfv_testapi/common/constants.py | 5 |
2 files changed, 40 insertions, 0 deletions
diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py index 24ba876..009d3d4 100644 --- a/testapi/opnfv_testapi/common/check.py +++ b/testapi/opnfv_testapi/common/check.py @@ -8,14 +8,49 @@ ############################################################################## import functools +import cas from tornado import gen from tornado import web +from opnfv_testapi.common import constants from opnfv_testapi.common import message from opnfv_testapi.common import raises +from opnfv_testapi.common.config import CONF from opnfv_testapi.db import api as dbapi +def login(method): + @web.asynchronous + @gen.coroutine + @functools.wraps(method) + def wrapper(self, *args, **kwargs): + ticket = self.get_query_argument('ticket', default=None) + if ticket: + client = cas.CASClient(version='2', + server_url=CONF.lfid_cas_url, + service_url=CONF.ui_url) + (user, attrs, _) = client.verify_ticket(ticket=ticket) + print 'login user: {}'.format(user) + login_user = { + 'user': user, + 'email': attrs.get('mail'), + 'fullname': attrs.get('field_lf_full_name'), + 'groups': constants.TESTAPI_USERS + attrs.get('group', []) + } + q_user = {'user': user} + db_user = yield dbapi.db_find_one(constants.USER_TABLE, q_user) + if not db_user: + dbapi.db_save(constants.USER_TABLE, login_user) + else: + dbapi.db_update(constants.USER_TABLE, q_user, login_user) + + self.clear_cookie(constants.TESTAPI_ID) + self.set_secure_cookie(constants.TESTAPI_ID, user) + ret = yield gen.coroutine(method)(self, *args, **kwargs) + raise gen.Return(ret) + return wrapper + + def authenticate(method): @web.asynchronous @gen.coroutine diff --git a/testapi/opnfv_testapi/common/constants.py b/testapi/opnfv_testapi/common/constants.py new file mode 100644 index 0000000..b37ebb3 --- /dev/null +++ b/testapi/opnfv_testapi/common/constants.py @@ -0,0 +1,5 @@ +TESTAPI_ID = 'testapi_id' +CSRF_TOKEN = 'csrf_token' +ROLE = 'role' +TESTAPI_USERS = ['opnfv-testapi-users'] +USER_TABLE = 'users' |