Created
March 15, 2013 17:18
RestHTTP with SHA-1 auth tokens.
import bottle | |
from bottle import run, post, get, request, HTTPError | |
import json | |
import re | |
import hashlib | |
import os | |
# In-memory session table: auth token (hex string) -> {"username": ..., "company": ...}.
# authenticateUser adds entries; shutDown serialises the table to flatdb.db.
userLogins = dict()
@post('/post/')
@post('/post')
@get('/get/')
@get('/get')
def get():
    """Log the incoming request and dispatch its body through parseQuery.

    Registered for POST /post and GET /get, each with and without a trailing
    slash. Returns whatever parseQuery returns for the request body.
    """
    # NOTE(review): this definition rebinds the module-level name `get`, so
    # bottle's `get` decorator is no longer reachable below this point.
    # NOTE(review): every request header, form field and query parameter is
    # written to stdout; that output can contain credentials or session
    # tokens sent by clients, so treat the log as sensitive.
    dumped_sections = (
        ('HEADERS: {}', 'headers'),
        ('POST: {}', 'forms'),
        ('QUERY STRING: {}', 'query'),
    )
    for template, attribute in dumped_sections:
        # Attributes are read one at a time, in the same order as they are printed.
        as_plain_dict = dict(getattr(request, attribute))
        print(template.format(json.dumps(as_plain_dict, indent=2)))

    print('BODY: {}'.format(request.body))
    print('\n')

    return parseQuery(request.body)
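def parseQuery(queryStr):
    """Decode one JSON request and pass its "data" to the matching handler.

    Args:
        queryStr: file-like object holding the JSON request body (it is handed
            to ``json.load``). The content comes from the client and is
            treated as untrusted.

    Returns:
        The return value of the handler selected by the request's "keyword"
        (``auth``, ``anywork`` or ``onpda``, compared case-insensitively).
        A body that is not valid JSON, is not a JSON object, or carries a
        missing, non-string or unrecognised keyword yields the JSON string
        ``{"result": 0}``.
    """
    failure = json.dumps({"result": 0})

    try:
        datagram = json.load(queryStr)
    except ValueError:
        # Malformed JSON is a client error, not a reason to raise out of the handler.
        return failure
    if not isinstance(datagram, dict):
        # Valid JSON that is an array, string or number has no fields to read.
        return failure

    reference = datagram.get("reference")
    keyword = datagram.get("keyword")
    oauth = datagram.get("oauth_token")
    data = datagram.get("data")

    # Client-supplied values are logged via repr so that embedded newlines or
    # non-ASCII text can neither forge log lines nor raise while formatting.
    print('REFERENCE: {!r}'.format(reference))
    print('KEYWORD: {!r}'.format(keyword))
    # The OAuth token is a credential: record only whether one was sent.
    print('OAUTH_TOKEN: {}'.format('<present>' if oauth else '<absent>'))

    try:
        wanted = keyword.lower()
    except AttributeError:
        # "keyword" is absent (None) or not a string.
        return failure

    if wanted == 'auth':
        return authenticateUser(data)
    if wanted == 'anywork':
        return processAnyWork(data)
    if wanted == 'onpda':
        return processOnPda(data)

    return failure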
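def processAnyWork(data):
    """Handle an ``anywork`` request for the user who owns the session token.

    Args:
        data: the "data" object of the request; expected to be a dict with an
            "auth_token" entry.

    Returns:
        The JSON string ``{"result": 0}`` when ``data`` is not a dict or the
        token is not accepted by confirmAuthorisation. For an authorised
        caller the work-item response is still a placeholder and the
        authorisation result (``True``) is returned.
    """
    failure = json.dumps({"result": 0})
    if not isinstance(data, dict):
        return failure

    token = data.get("auth_token")
    result = confirmAuthorisation(token)
    # confirmAuthorisation signals failure with a truthy JSON string, so only
    # the literal True counts as authorised; anything else stops here.
    if result is not True:
        return failure

    # Look the session up by the token's value: the literal key "auth_token"
    # is never stored in userLogins.
    session = userLogins.get(token) or {}
    workItems = getAllWorkForUser(session.get("username"))

    for x in workItems:
        # TODO: create the multi-work-item JSON chunk from a real item.
        pass

    # TODO: concatenate the chunks and return that JSON to the client.
    return result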
def getAllWorkForUser(username):
    """Return the jobs of ``username`` as JSON text.

    Placeholder: ``username`` is not used yet and the result is always the
    empty JSON object.
    """
    # TODO: ask the data store for this user's jobs and serialise them.
    no_jobs = "{}"
    return no_jobs
def processOnPda(data):
    """Handle an ``onpda`` request; stub that ignores ``data``.

    Returns the JSON string ``{"result": 0}`` for every call.
    """
    # NOTE(review): no session token is checked here; add the authorisation
    # check before this handler does real work.
    response = {"result": 0}
    return json.dumps(response)
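def confirmAuthorisation(auth_token):
    """Report whether ``auth_token`` names a session stored in userLogins.

    Args:
        auth_token: token value taken from the client's request.

    Returns:
        ``True`` when the token maps to a session that has a username.
        Otherwise (no token, unknown token, unhashable value, or a session
        without a username) the JSON failure string ``{"result": 0}``. That
        string is truthy, so callers must test ``result is True`` rather than
        ``if result:``.
    """
    failure = json.dumps({"result": 0})
    if not auth_token:
        return failure

    try:
        session = userLogins.get(auth_token)
    except TypeError:
        # A JSON array or object is unhashable and can never be a stored token.
        return failure

    # An unknown token has no session record; fail closed rather than
    # raising AttributeError on None.
    if not session or not session.get("username"):
        return failure
    return True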
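def authenticateUser(data):
    """Check the submitted credentials and, on success, open a session.

    Args:
        data: the "data" object of an ``auth`` request; expected to be a dict
            with "username", "password" and "company" entries.

    Returns:
        The JSON string ``{"auth_token": "<40 hex characters>"}`` when
        checkCredentials accepts the login; the empty string when it does not
        or when ``data`` is not a dict.
    """
    if not isinstance(data, dict):
        # A request without a usable "data" object cannot be authenticated.
        return ''

    username = data.get("username")
    password = data.get("password")
    company = data.get("company")

    if not checkCredentials(username, password, company):
        return ''

    # The token comes from the OS random source instead of a hash of the
    # username, password and salt. A token derived from the credentials is
    # identical on every login, cannot be revoked without a password change,
    # and exposes a password-equivalent value wherever the token is stored or
    # logged. SHA-1 only keeps the 40-hex-character token format here; the
    # unpredictability comes from os.urandom.
    token = hashlib.sha1(os.urandom(32)).hexdigest()

    # The token is a bearer credential, so it is not echoed to stdout.
    # NOTE(review): no code visible here expires or removes sessions; a token
    # stays valid for as long as it remains in userLogins / flatdb.db.
    userLogins[token] = {"username": username, "company": company}
    return json.dumps({"auth_token": token})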
def checkCredentials(username, password, company):
    """Decide whether a login is valid; currently a stub that accepts everything.

    None of the three arguments is inspected and the result is always True.
    """
    # NOTE(review): with this stub in place authenticateUser issues a token to
    # any caller. Replace it with a real credential check before the service
    # is reachable by anyone but the developer.
    accepted = True
    return accepted
def getSalt():
    """Return the application's fixed salt string."""
    # NOTE(review): the salt is a constant committed with the source, so it is
    # the same for every user and every deployment and adds no secrecy to
    # values hashed with it.
    salt = "saltySalt!"
    return salt
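def shutDown():
    """Persist the in-memory session table to flatdb.db as JSON."""
    # Serialise before opening: opening for writing truncates the file, so a
    # serialisation error must not leave an empty flatdb.db behind.
    payload = json.dumps(userLogins)

    # NOTE(review): the file holds live session tokens and is created in the
    # current working directory with default permissions; restrict who can
    # read and write it.
    with open('flatdb.db', 'w') as f:
        # The context manager closes the handle even if the write fails.
        f.write(payload)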
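def startUp():
    """Reload the session table written by shutDown, if flatdb.db exists.

    A missing, empty or unparsable file leaves userLogins unchanged.
    """
    if not os.path.exists('flatdb.db'):
        return

    with open('flatdb.db', 'r') as f:
        data = f.read()
    if not data:
        return

    try:
        saved = json.loads(data)
    except ValueError:
        # A truncated or corrupt file must not stop the server from starting.
        return

    # NOTE(review): restored tokens are trusted as-is, so anyone able to write
    # flatdb.db can plant a valid session.
    if isinstance(saved, dict):
        # Update the module-level dict in place: a plain assignment inside
        # this function would only bind a local name and restore nothing.
        userLogins.update(saved)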
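if __name__ == "__main__":
    # Restore saved sessions, serve until run() returns, then save them again.
    startUp()
    bottle.debug(False)
    try:
        # NOTE(review): host='' listens on every network interface and run()
        # is given no TLS configuration, so passwords and tokens cross the
        # network in clear text unless TLS is terminated in front of this
        # server.
        run(host='', port=12000)
    finally:
        # Persist the session table even when run() exits with an exception.
        shutDown()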