From c6bda58ba44dddb9151862d75a53224e7ad03227 Mon Sep 17 00:00:00 2001
From: SerenaFeng <feng.xiaowei@zte.com.cn>
Date: Thu, 18 May 2017 20:06:26 +0800
Subject: support showing user's specified contents after signin

Change-Id: Ia8897860757a2395873ff6972a508c38d7139854
Signed-off-by: SerenaFeng <feng.xiaowei@zte.com.cn>
---
 testapi/opnfv_testapi/cmd/server.py          |  3 +-
 testapi/opnfv_testapi/resources/handlers.py  |  8 +++++
 testapi/opnfv_testapi/router/url_mappings.py |  8 +++--
 testapi/opnfv_testapi/ui/auth/base.py        | 35 ++++++++++++++++++++++
 testapi/opnfv_testapi/ui/auth/handlers.py    | 37 -----------------------
 testapi/opnfv_testapi/ui/auth/sign.py        | 45 ++++++++++++++++++++++++++++
 testapi/opnfv_testapi/ui/auth/user.py        | 24 +++++++++++++++
 testapi/opnfv_testapi/ui/auth/utils.py       | 23 --------------
 8 files changed, 119 insertions(+), 64 deletions(-)
 create mode 100644 testapi/opnfv_testapi/ui/auth/base.py
 delete mode 100644 testapi/opnfv_testapi/ui/auth/handlers.py
 create mode 100644 testapi/opnfv_testapi/ui/auth/sign.py
 create mode 100644 testapi/opnfv_testapi/ui/auth/user.py
 delete mode 100644 testapi/opnfv_testapi/ui/auth/utils.py

(limited to 'testapi')

diff --git a/testapi/opnfv_testapi/cmd/server.py b/testapi/opnfv_testapi/cmd/server.py
index 2696bb3..545d5e3 100644
--- a/testapi/opnfv_testapi/cmd/server.py
+++ b/testapi/opnfv_testapi/cmd/server.py
@@ -64,7 +64,8 @@ def make_app():
         url_mappings.mappings,
         db=get_db(),
         debug=CONF.api_debug,
-        auth=CONF.api_authenticate
+        auth=CONF.api_authenticate,
+        cookie_secret='opnfv-testapi',
     )
 
 
diff --git a/testapi/opnfv_testapi/resources/handlers.py b/testapi/opnfv_testapi/resources/handlers.py
index dbf94eb..2426805 100644
--- a/testapi/opnfv_testapi/resources/handlers.py
+++ b/testapi/opnfv_testapi/resources/handlers.py
@@ -188,6 +188,14 @@ class GenericApiHandler(web.RequestHandler):
             table = self.table
         return self._eval_db(table, 'find_one', query)
 
+    def db_save(self, collection, data):
+        self._eval_db(collection, 'insert', data, check_keys=False)
+
+    def db_find_one(self, query, collection=None):
+        if not collection:
+            collection = self.table
+        return self._eval_db(collection, 'find_one', query)
+
 
 class VersionHandler(GenericApiHandler):
     @swagger.operation(nickname='listAllVersions')
diff --git a/testapi/opnfv_testapi/router/url_mappings.py b/testapi/opnfv_testapi/router/url_mappings.py
index 7bd3430..d686701 100644
--- a/testapi/opnfv_testapi/router/url_mappings.py
+++ b/testapi/opnfv_testapi/router/url_mappings.py
@@ -16,7 +16,8 @@ from opnfv_testapi.resources import result_handlers
 from opnfv_testapi.resources import scenario_handlers
 from opnfv_testapi.resources import testcase_handlers
 from opnfv_testapi.ui import root
-from opnfv_testapi.ui.auth import handlers as auth_handlers
+from opnfv_testapi.ui.auth import sign
+from opnfv_testapi.ui.auth import user
 
 mappings = [
     # GET /versions => GET API version
@@ -59,6 +60,7 @@ mappings = [
      {'path': config.Config().static_path}),
 
     (r'/', root.RootHandler),
-    (r'/api/v1/auth/signin', auth_handlers.SigninHandler),
-    (r'/api/v1/auth/signin_return', auth_handlers.SigninReturnHandler),
+    (r'/api/v1/auth/signin', sign.SigninHandler),
+    (r'/api/v1/auth/signin_return', sign.SigninReturnHandler),
+    (r'/api/v1/profile', user.ProfileHandler),
 ]
diff --git a/testapi/opnfv_testapi/ui/auth/base.py b/testapi/opnfv_testapi/ui/auth/base.py
new file mode 100644
index 0000000..bea87c4
--- /dev/null
+++ b/testapi/opnfv_testapi/ui/auth/base.py
@@ -0,0 +1,35 @@
+import random
+import string
+
+from six.moves.urllib import parse
+
+from opnfv_testapi.resources import handlers
+
+
+class BaseHandler(handlers.GenericApiHandler):
+    def __init__(self, application, request, **kwargs):
+        super(BaseHandler, self).__init__(application, request, **kwargs)
+        self.table = 'users'
+
+    def set_cookies(self, cookies):
+        for cookie_n, cookie_v in cookies:
+            self.set_secure_cookie(cookie_n, cookie_v)
+
+
+def get_token(length=30):
+    """Get random token."""
+    return ''.join(random.choice(string.ascii_lowercase)
+                   for i in range(length))
+
+
+def set_query_params(url, params):
+    """Set params in given query."""
+    url_parts = parse.urlparse(url)
+    url = parse.urlunparse((
+        url_parts.scheme,
+        url_parts.netloc,
+        url_parts.path,
+        url_parts.params,
+        parse.urlencode(params),
+        url_parts.fragment))
+    return url
diff --git a/testapi/opnfv_testapi/ui/auth/handlers.py b/testapi/opnfv_testapi/ui/auth/handlers.py
deleted file mode 100644
index 511952d..0000000
--- a/testapi/opnfv_testapi/ui/auth/handlers.py
+++ /dev/null
@@ -1,37 +0,0 @@
-from six.moves.urllib import parse
-
-from opnfv_testapi.common import config
-from opnfv_testapi.resources import handlers
-from opnfv_testapi.ui.auth import constants as const
-from opnfv_testapi.ui.auth import utils
-
-
-CONF = config.Config()
-
-
-class SigninHandler(handlers.GenericApiHandler):
-    def get(self):
-        csrf_token = utils.get_token()
-        return_endpoint = parse.urljoin(CONF.api_url,
-                                        CONF.osid_openid_return_to)
-        return_to = utils.set_query_params(return_endpoint,
-                                           {const.CSRF_TOKEN: csrf_token})
-
-        params = {
-            const.OPENID_MODE: CONF.osid_openid_mode,
-            const.OPENID_NS: CONF.osid_openid_ns,
-            const.OPENID_RETURN_TO: return_to,
-            const.OPENID_CLAIMED_ID: CONF.osid_openid_claimed_id,
-            const.OPENID_IDENTITY: CONF.osid_openid_identity,
-            const.OPENID_REALM: CONF.api_url,
-            const.OPENID_NS_SREG: CONF.osid_openid_ns_sreg,
-            const.OPENID_NS_SREG_REQUIRED: CONF.osid_openid_sreg_required,
-        }
-        url = CONF.osid_openstack_openid_endpoint
-        url = utils.set_query_params(url, params)
-        self.redirect(url=url, permanent=False)
-
-
-class SigninReturnHandler(handlers.GenericApiHandler):
-    def get(self):
-        self.redirect(url=CONF.ui_url)
diff --git a/testapi/opnfv_testapi/ui/auth/sign.py b/testapi/opnfv_testapi/ui/auth/sign.py
new file mode 100644
index 0000000..c92196a
--- /dev/null
+++ b/testapi/opnfv_testapi/ui/auth/sign.py
@@ -0,0 +1,45 @@
+from six.moves.urllib import parse
+
+from opnfv_testapi.common import config
+from opnfv_testapi.ui.auth import base
+from opnfv_testapi.ui.auth import constants as const
+
+CONF = config.Config()
+
+
+class SigninHandler(base.BaseHandler):
+    def get(self):
+        csrf_token = base.get_token()
+        return_endpoint = parse.urljoin(CONF.api_url,
+                                        CONF.osid_openid_return_to)
+        return_to = base.set_query_params(return_endpoint,
+                                          {const.CSRF_TOKEN: csrf_token})
+
+        params = {
+            const.OPENID_MODE: CONF.osid_openid_mode,
+            const.OPENID_NS: CONF.osid_openid_ns,
+            const.OPENID_RETURN_TO: return_to,
+            const.OPENID_CLAIMED_ID: CONF.osid_openid_claimed_id,
+            const.OPENID_IDENTITY: CONF.osid_openid_identity,
+            const.OPENID_REALM: CONF.api_url,
+            const.OPENID_NS_SREG: CONF.osid_openid_ns_sreg,
+            const.OPENID_NS_SREG_REQUIRED: CONF.osid_openid_sreg_required,
+        }
+        url = CONF.osid_openstack_openid_endpoint
+        url = base.set_query_params(url, params)
+        self.redirect(url=url, permanent=False)
+
+
+class SigninReturnHandler(base.BaseHandler):
+    def get(self):
+        openid = self.get_query_argument(const.OPENID_CLAIMED_ID)
+        user_info = {
+            'openid': openid,
+            'email': self.get_query_argument(const.OPENID_NS_SREG_EMAIL),
+            'fullname': self.get_query_argument(const.OPENID_NS_SREG_FULLNAME)
+        }
+
+        self.db_save(self.table, user_info)
+        if not self.get_secure_cookie('openid'):
+            self.set_secure_cookie('openid', openid)
+        self.redirect(url=CONF.ui_url)
diff --git a/testapi/opnfv_testapi/ui/auth/user.py b/testapi/opnfv_testapi/ui/auth/user.py
new file mode 100644
index 0000000..140bca5
--- /dev/null
+++ b/testapi/opnfv_testapi/ui/auth/user.py
@@ -0,0 +1,24 @@
+from tornado import gen
+from tornado import web
+
+from opnfv_testapi.common import raises
+from opnfv_testapi.ui.auth import base
+
+
+class ProfileHandler(base.BaseHandler):
+    @web.asynchronous
+    @gen.coroutine
+    def get(self):
+        openid = self.get_secure_cookie('openid')
+        if openid:
+            try:
+                user = yield self.db_find_one({'openid': openid})
+                self.finish_request({
+                    "openid": user.get('openid'),
+                    "email": user.get('email'),
+                    "fullname": user.get('fullname'),
+                    "is_admin": False
+                })
+            except Exception:
+                pass
+        raises.Unauthorized('Unauthorized')
diff --git a/testapi/opnfv_testapi/ui/auth/utils.py b/testapi/opnfv_testapi/ui/auth/utils.py
deleted file mode 100644
index c3912ad..0000000
--- a/testapi/opnfv_testapi/ui/auth/utils.py
+++ /dev/null
@@ -1,23 +0,0 @@
-import random
-import string
-
-from six.moves.urllib import parse
-
-
-def get_token(length=30):
-    """Get random token."""
-    return ''.join(random.choice(string.ascii_lowercase)
-                   for i in range(length))
-
-
-def set_query_params(url, params):
-    """Set params in given query."""
-    url_parts = parse.urlparse(url)
-    url = parse.urlunparse((
-        url_parts.scheme,
-        url_parts.netloc,
-        url_parts.path,
-        url_parts.params,
-        parse.urlencode(params),
-        url_parts.fragment))
-    return url
-- 
cgit 1.2.3-korg