user: remove usage of api_key....
marcink -
r1481:e1c01dbb default
@@ -510,7 +510,7 b' class User(Base, BaseModel):'
510 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
510 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
511 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
511 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
512 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
512 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
513 api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
513 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
514 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
514 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
515 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
515 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
516 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
516 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
@@ -562,6 +562,23 b' class User(Base, BaseModel):'
562 def email(self, val):
562 def email(self, val):
563 self._email = val.lower() if val else None
563 self._email = val.lower() if val else None
564
564
565 @hybrid_property
566 def api_key(self):
567 """
568 Fetch if exist an auth-token with role ALL connected to this user
569 """
570 user_auth_token = UserApiKeys.query()\
571 .filter(UserApiKeys.user_id == self.user_id)\
572 .filter(or_(UserApiKeys.expires == -1,
573 UserApiKeys.expires >= time.time()))\
574 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
575 return user_auth_token
576
577 @api_key.setter
578 def api_key(self, val):
579 # don't allow to set API key this is deprecated for now
580 self._api_key = None
581
565 @property
582 @property
566 def firstname(self):
583 def firstname(self):
567 # alias for future
584 # alias for future
@@ -574,7 +591,7 b' class User(Base, BaseModel):'
574
591
575 @property
592 @property
576 def auth_tokens(self):
593 def auth_tokens(self):
577 return [self.api_key] + [x.api_key for x in self.extra_auth_tokens]
594 return [x.api_key for x in self.extra_auth_tokens]
578
595
579 @property
596 @property
580 def extra_auth_tokens(self):
597 def extra_auth_tokens(self):
@@ -684,8 +701,7 b' class User(Base, BaseModel):'
684 Returns instance of AuthUser for this user
701 Returns instance of AuthUser for this user
685 """
702 """
686 from rhodecode.lib.auth import AuthUser
703 from rhodecode.lib.auth import AuthUser
687 return AuthUser(user_id=self.user_id, api_key=self.api_key,
704 return AuthUser(user_id=self.user_id, username=self.username)
688 username=self.username)
689
705
690 @hybrid_property
706 @hybrid_property
691 def user_data(self):
707 def user_data(self):
@@ -730,24 +746,18 b' class User(Base, BaseModel):'
730 return q.scalar()
746 return q.scalar()
731
747
732 @classmethod
748 @classmethod
733 def get_by_auth_token(cls, auth_token, cache=False, fallback=True):
749 def get_by_auth_token(cls, auth_token, cache=False):
734 q = cls.query().filter(cls.api_key == auth_token)
750 q = UserApiKeys.query()\
735
751 .filter(UserApiKeys.api_key == auth_token)\
752 .filter(or_(UserApiKeys.expires == -1,
753 UserApiKeys.expires >= time.time()))
736 if cache:
754 if cache:
737 q = q.options(FromCache("sql_cache_short",
755 q = q.options(FromCache("sql_cache_short",
738 "get_auth_token_%s" % auth_token))
756 "get_auth_token_%s" % auth_token))
739 res = q.scalar()
757
740
758 match = q.first()
741 if fallback and not res:
759 if match:
742 #fallback to additional keys
760 return match.user
743 _res = UserApiKeys.query()\
744 .filter(UserApiKeys.api_key == auth_token)\
745 .filter(or_(UserApiKeys.expires == -1,
746 UserApiKeys.expires >= time.time()))\
747 .first()
748 if _res:
749 res = _res.user
750 return res
751
761
752 @classmethod
762 @classmethod
753 def get_by_email(cls, email, case_insensitive=False, cache=False):
763 def get_by_email(cls, email, case_insensitive=False, cache=False):
@@ -884,7 +894,6 b' class User(Base, BaseModel):'
884 api_key_replacement = '*' * api_key_length
894 api_key_replacement = '*' * api_key_length
885
895
886 extras = {
896 extras = {
887 'api_key': api_key_replacement,
888 'api_keys': [api_key_replacement],
897 'api_keys': [api_key_replacement],
889 'active': user.active,
898 'active': user.active,
890 'admin': user.admin,
899 'admin': user.admin,
@@ -897,7 +906,6 b' class User(Base, BaseModel):'
897 data.update(extras)
906 data.update(extras)
898
907
899 if include_secrets:
908 if include_secrets:
900 data['api_key'] = user.api_key
901 data['api_keys'] = user.auth_tokens
909 data['api_keys'] = user.auth_tokens
902 return data
910 return data
903
911
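Review bot: The `api_key` getter added at new lines 565-575 returns the `UserApiKeys` row from `.first()` (or `None`), not the token string, although the attribute keeps the name `api_key` and the column it replaces held a `String(255)`. Any remaining reader that compares or serialises `user.api_key` would receive a model object instead of a key; ending the getter with `return user_auth_token.api_key if user_auth_token else None` keeps the old contract. Because it is declared as `@hybrid_property` without an expression, class-level use such as `User.api_key == token` in a filter would presumably run this same query rather than produce a column comparison, so a plain `@property` may be the safer declaration. The getter is fully inside the hunk; its callers are not visible on this page.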