user: remove usage of api_key....
marcink -
r1481:e1c01dbb default
@@ -510,7 +510,7 b' class User(Base, BaseModel):'
510 510 last_login = Column("last_login", DateTime(timezone=False), nullable=True, unique=None, default=None)
511 511 extern_type = Column("extern_type", String(255), nullable=True, unique=None, default=None)
512 512 extern_name = Column("extern_name", String(255), nullable=True, unique=None, default=None)
513 api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
513 _api_key = Column("api_key", String(255), nullable=True, unique=None, default=None)
514 514 inherit_default_permissions = Column("inherit_default_permissions", Boolean(), nullable=False, unique=None, default=True)
515 515 created_on = Column('created_on', DateTime(timezone=False), nullable=False, default=datetime.datetime.now)
516 516 _user_data = Column("user_data", LargeBinary(), nullable=True) # JSON data
@@ -562,6 +562,23 b' class User(Base, BaseModel):'
562 562 def email(self, val):
563 563 self._email = val.lower() if val else None
564 564
565 @hybrid_property
566 def api_key(self):
567 """
568 Fetch if exist an auth-token with role ALL connected to this user
569 """
570 user_auth_token = UserApiKeys.query()\
571 .filter(UserApiKeys.user_id == self.user_id)\
572 .filter(or_(UserApiKeys.expires == -1,
573 UserApiKeys.expires >= time.time()))\
574 .filter(UserApiKeys.role == UserApiKeys.ROLE_ALL).first()
575 return user_auth_token
576
577 @api_key.setter
578 def api_key(self, val):
579 # don't allow to set API key this is deprecated for now
580 self._api_key = None
581
565 582 @property
566 583 def firstname(self):
567 584 # alias for future
@@ -574,7 +591,7 b' class User(Base, BaseModel):'
574 591
575 592 @property
576 593 def auth_tokens(self):
577 return [self.api_key] + [x.api_key for x in self.extra_auth_tokens]
594 return [x.api_key for x in self.extra_auth_tokens]
578 595
579 596 @property
580 597 def extra_auth_tokens(self):
@@ -684,8 +701,7 b' class User(Base, BaseModel):'
684 701 Returns instance of AuthUser for this user
685 702 """
686 703 from rhodecode.lib.auth import AuthUser
687 return AuthUser(user_id=self.user_id, api_key=self.api_key,
688 username=self.username)
704 return AuthUser(user_id=self.user_id, username=self.username)
689 705
690 706 @hybrid_property
691 707 def user_data(self):
@@ -730,24 +746,18 b' class User(Base, BaseModel):'
730 746 return q.scalar()
731 747
732 748 @classmethod
733 def get_by_auth_token(cls, auth_token, cache=False, fallback=True):
734 q = cls.query().filter(cls.api_key == auth_token)
735
749 def get_by_auth_token(cls, auth_token, cache=False):
750 q = UserApiKeys.query()\
751 .filter(UserApiKeys.api_key == auth_token)\
752 .filter(or_(UserApiKeys.expires == -1,
753 UserApiKeys.expires >= time.time()))
736 754 if cache:
737 755 q = q.options(FromCache("sql_cache_short",
738 756 "get_auth_token_%s" % auth_token))
739 res = q.scalar()
740
741 if fallback and not res:
742 #fallback to additional keys
743 _res = UserApiKeys.query()\
744 .filter(UserApiKeys.api_key == auth_token)\
745 .filter(or_(UserApiKeys.expires == -1,
746 UserApiKeys.expires >= time.time()))\
747 .first()
748 if _res:
749 res = _res.user
750 return res
757
758 match = q.first()
759 if match:
760 return match.user
751 761
752 762 @classmethod
753 763 def get_by_email(cls, email, case_insensitive=False, cache=False):
@@ -884,7 +894,6 b' class User(Base, BaseModel):'
884 894 api_key_replacement = '*' * api_key_length
885 895
886 896 extras = {
887 'api_key': api_key_replacement,
888 897 'api_keys': [api_key_replacement],
889 898 'active': user.active,
890 899 'admin': user.admin,
@@ -897,7 +906,6 b' class User(Base, BaseModel):'
897 906 data.update(extras)
898 907
899 908 if include_secrets:
900 data['api_key'] = user.api_key
901 909 data['api_keys'] = user.auth_tokens
902 910 return data
903 911
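Review bot: In `get_by_auth_token`, the `cache=True` path now wraps the `UserApiKeys` lookup, including its `expires >= time.time()` filter, in `FromCache` under a key built only from the token, so a row cached while valid can still be returned after the token has expired or been deleted, for as long as the `sql_cache_short` entry lives (that region's lifetime and any invalidation on token removal are not visible on this page). Before this change only the legacy `User.api_key` lookup was cached and the expiring-token query always went to the database. Re-checking expiry on the returned row would close the expiry half, e.g. `if match and (match.expires == -1 or match.expires >= time.time()): return match.user`; revocation would additionally need this cache key invalidated when a token is deleted. The key also embeds the raw token (`"get_auth_token_%s" % auth_token`), so a digest of the token would be a safer key if the cache backend is shared or inspectable.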