re2o/api/authentication.py

# -*- mode: python; coding: utf-8 -*-
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2018 Maël Kervella
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

"""Defines the authentication classes used in the API to authenticate a user.
"""

import datetime

from django.conf import settings
from django.utils.translation import ugettext_lazy as _
from rest_framework.authentication import TokenAuthentication
from rest_framework import exceptions

class ExpiringTokenAuthentication(TokenAuthentication):
    """Authenticate a user if the provided token is valid and not expired.
    """
    def authenticate_credentials(self, key):
        """See base class. Add the verification the token is not expired.
        """
        base = super(ExpiringTokenAuthentication, self)
        user, token = base.authenticate_credentials(key)

        # Check that the genration time of the token is not too old
        token_duration = datetime.timedelta(
            seconds=settings.API_TOKEN_DURATION
        )
        utc_now = datetime.datetime.now(datetime.timezone.utc)
        if token.created < utc_now - token_duration:
            raise exceptions.AuthenticationFailed(_('Token has expired'))

        return (token.user, token)
Legacy shaebang pour python2 2018-06-30 01:25:46 +00:00			`# -- mode: python; coding: utf-8 --`
Docstrings, docstrings everywhere 2018-06-17 01:06:58 +00:00			`# Re2o est un logiciel d'administration développé initiallement au rezometz. Il`
			`# se veut agnostique au réseau considéré, de manière à être installable en`
			`# quelques clics.`
			`#`
			`# Copyright © 2018 Maël Kervella`
			`#`
			`# This program is free software; you can redistribute it and/or modify`
			`# it under the terms of the GNU General Public License as published by`
			`# the Free Software Foundation; either version 2 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License along`
			`# with this program; if not, write to the Free Software Foundation, Inc.,`
			`# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.`

			`"""Defines the authentication classes used in the API to authenticate a user.`
			`"""`

Add token authentication with expiration of tokens 2018-04-21 19:48:33 +00:00			`import datetime`
Docstrings, docstrings everywhere 2018-06-17 01:06:58 +00:00
Add token authentication with expiration of tokens 2018-04-21 19:48:33 +00:00			`from django.conf import settings`
			`from django.utils.translation import ugettext_lazy as _`
			`from rest_framework.authentication import TokenAuthentication`
			`from rest_framework import exceptions`

			`class ExpiringTokenAuthentication(TokenAuthentication):`
Docstrings, docstrings everywhere 2018-06-17 01:06:58 +00:00			`"""Authenticate a user if the provided token is valid and not expired.`
			`"""`
Add token authentication with expiration of tokens 2018-04-21 19:48:33 +00:00			`def authenticate_credentials(self, key):`
Docstrings, docstrings everywhere 2018-06-17 01:06:58 +00:00			`"""See base class. Add the verification the token is not expired.`
			`"""`
			`base = super(ExpiringTokenAuthentication, self)`
			`user, token = base.authenticate_credentials(key)`
Add token authentication with expiration of tokens 2018-04-21 19:48:33 +00:00
Docstrings, docstrings everywhere 2018-06-17 01:06:58 +00:00			`# Check that the genration time of the token is not too old`
Add token authentication with expiration of tokens 2018-04-21 19:48:33 +00:00			`token_duration = datetime.timedelta(`
			`seconds=settings.API_TOKEN_DURATION`
			`)`
			`utc_now = datetime.datetime.now(datetime.timezone.utc)`
			`if token.created < utc_now - token_duration:`
			`raise exceptions.AuthenticationFailed(_('Token has expired'))`

			`return (token.user, token)`