diff options
| author |   SerenaFeng <feng.xiaowei@zte.com.cn> | 2017-09-06 14:21:23 +0800 |
|---|---|---|
| committer | SerenaFeng <feng.xiaowei@zte.com.cn> | 2017-09-06 14:32:17 +0800 |
| commit | b3580028292d2927564020e8143bc1f659ef0ab3 (patch) | |
| tree | 6fffa805732173047ef7ae449c9754e9fd40ee05 /testapi/opnfv_testapi/common | |
| parent | 3c77911dfb82fe165607496ca8a14ad7bd1a4337 (diff) | |
hide cas ticket from web portal
In the previous implementation, when login the url will shown as:
http://localhost:8000/?ticket=ST-5WzYs6SD2A#/
this patch aims to hide the ticket mechanism.
1) add /api/v1/auth/signin_return to process login verify
2) refactor code, leverage SignBaseHanlder() to manage casclient
Change-Id: I62e23eb69ee52304c30753e861b4f0a4e0d45541
Signed-off-by: SerenaFeng <feng.xiaowei@zte.com.cn>
Diffstat (limited to 'testapi/opnfv_testapi/common')
| -rw-r--r-- | testapi/opnfv_testapi/common/check.py | 35 | ||||
| -rw-r--r-- | testapi/opnfv_testapi/common/constants.py | 1 |
2 files changed, 0 insertions, 36 deletions
diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py index 009d3d4..24ba876 100644 --- a/testapi/opnfv_testapi/common/check.py +++ b/testapi/opnfv_testapi/common/check.py @@ -8,49 +8,14 @@ ############################################################################## import functools -import cas from tornado import gen from tornado import web -from opnfv_testapi.common import constants from opnfv_testapi.common import message from opnfv_testapi.common import raises -from opnfv_testapi.common.config import CONF from opnfv_testapi.db import api as dbapi -def login(method): - @web.asynchronous - @gen.coroutine - @functools.wraps(method) - def wrapper(self, *args, **kwargs): - ticket = self.get_query_argument('ticket', default=None) - if ticket: - client = cas.CASClient(version='2', - server_url=CONF.lfid_cas_url, - service_url=CONF.ui_url) - (user, attrs, _) = client.verify_ticket(ticket=ticket) - print 'login user: {}'.format(user) - login_user = { - 'user': user, - 'email': attrs.get('mail'), - 'fullname': attrs.get('field_lf_full_name'), - 'groups': constants.TESTAPI_USERS + attrs.get('group', []) - } - q_user = {'user': user} - db_user = yield dbapi.db_find_one(constants.USER_TABLE, q_user) - if not db_user: - dbapi.db_save(constants.USER_TABLE, login_user) - else: - dbapi.db_update(constants.USER_TABLE, q_user, login_user) - - self.clear_cookie(constants.TESTAPI_ID) - self.set_secure_cookie(constants.TESTAPI_ID, user) - ret = yield gen.coroutine(method)(self, *args, **kwargs) - raise gen.Return(ret) - return wrapper - - def authenticate(method): @web.asynchronous @gen.coroutine diff --git a/testapi/opnfv_testapi/common/constants.py b/testapi/opnfv_testapi/common/constants.py index b37ebb3..70c9223 100644 --- a/testapi/opnfv_testapi/common/constants.py +++ b/testapi/opnfv_testapi/common/constants.py @@ -2,4 +2,3 @@ TESTAPI_ID = 'testapi_id' CSRF_TOKEN = 'csrf_token' ROLE = 'role' TESTAPI_USERS = ['opnfv-testapi-users'] -USER_TABLE = 'users' |