summaryrefslogtreecommitdiffstats
path: root/utils/test/testapi/opnfv_testapi/ui/auth/sign.py
blob: 318473ea2540492326e84030466f0d1a516b4240 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
from cas import CASClient
from tornado import gen
from tornado import web

from opnfv_testapi.common import constants
from opnfv_testapi.common.config import CONF
from opnfv_testapi.db import api as dbapi
from opnfv_testapi.resources import handlers


class SignBaseHandler(handlers.GenericApiHandler):
    def __init__(self, application, request, **kwargs):
        super(SignBaseHandler, self).__init__(application, request, **kwargs)
        self.table = 'users'
        self.cas_client = CASClient(version='2',
                                    server_url=CONF.lfid_cas_url,
                                    service_url='{}/{}'.format(
                                        CONF.ui_url,
                                        CONF.lfid_signin_return))


class SigninHandler(SignBaseHandler):
    def get(self):
        self.redirect(url=(self.cas_client.get_login_url()))


class SigninReturnHandler(SignBaseHandler):

    @web.asynchronous
    @gen.coroutine
    def get(self):
        ticket = self.get_query_argument('ticket', default=None)
        if ticket:
            (user, attrs, _) = self.cas_client.verify_ticket(ticket=ticket)
            login_user = {
                'user': user,
                'email': attrs.get('mail'),
                'fullname': attrs.get('field_lf_full_name'),
                'groups': constants.TESTAPI_USERS + attrs.get('group', [])
            }
            q_user = {'user': user}
            db_user = yield dbapi.db_find_one(self.table, q_user)
            if not db_user:
                dbapi.db_save(self.table, login_user)
            else:
                dbapi.db_update(self.table, q_user, login_user)

            self.clear_cookie(constants.TESTAPI_ID)
            self.set_secure_cookie(constants.TESTAPI_ID, user)

            self.redirect(url=CONF.ui_url)


class SignoutHandler(SignBaseHandler):
    def get(self):
        """Handle signout request."""
        self.clear_cookie(constants.TESTAPI_ID)
        logout_url = self.cas_client.get_logout_url(redirect_url=CONF.ui_url)
        self.redirect(url=logout_url)