本文整理汇总了Python中aiohttp.web_exceptions.HTTPUnauthorized方法的典型用法代码示例。如果您正苦于以下问题:Python web_exceptions.HTTPUnauthorized方法的具体用法?Python web_exceptions.HTTPUnauthorized怎么用?Python web_exceptions.HTTPUnauthorized使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类aiohttp.web_exceptions的用法示例。
在下文中一共展示了web_exceptions.HTTPUnauthorized方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: validateUserPasswordDynamoDB
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def validateUserPasswordDynamoDB(app, username, password):
"""
validateUserPassword: verify user and password.
throws exception if not valid
Note: make this async since we'll eventually need some sort of http request to validate user/passwords
"""
if getPassword(app, username) is None:
# look up name in dynamodb table
dynamodb = getDynamoDBClient(app)
table_name = config.get("aws_dynamodb_users_table")
log.info(f"looking for user: {username} in DynamoDB table: {table_name}")
try:
response = await dynamodb.get_item(
TableName=table_name,
Key={'username': {'S': username}}
)
except ClientError as e:
log.error("Unable to read dyanamodb table: {}".format(e.response['Error']['Message']))
raise HTTPInternalServerError() # 500
if "Item" not in response:
log.info(f"user: {username} not found")
raise HTTPUnauthorized() # 401
item = response['Item']
if "password" not in item:
log.error("Expected to find password key in DynamoDB table")
raise HTTPInternalServerError() # 500
password_item = item["password"]
if 'S' not in password_item:
log.error("Expected to find 'S' key for password item")
raise HTTPInternalServerError() # 500
log.debug(f"password: {password_item}")
if password_item['S'] != password:
log.warn(f"user password is not valid for user: {username}")
raise HTTPUnauthorized() # 401
# add user/password to user_db map
setPassword(app, username, password) 示例2: validatePasswordSHA512
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def validatePasswordSHA512(app, username, password):
if getPassword(app, username) is None:
log.info(f"SHA512 check for username: {username}")
salt = config.get("password_salt")
hex_hash = hashlib.sha512(username.encode('utf-8') + salt.encode('utf-8')).hexdigest()
if hex_hash[:32] != password:
log.warn(f"user password is not valid (didn't equal sha512 hash) for user: {username}")
raise HTTPUnauthorized() # 401
setPassword(app, username, password) 示例3: check_permissions
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def check_permissions(self, group, request):
try:
if request.headers.get('KEY') == self.get_config('api_key_red') or \
request.headers.get('KEY') == self.get_config('api_key_blue'):
return True
await check_permission(request, group)
except (HTTPUnauthorized, HTTPForbidden):
raise web.HTTPFound('/login') 示例4: handle_unauthorized
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def handle_unauthorized(self, request: web.Request) -> web.Response:
"""
Handle /unauthorized which returns a 401
"""
raise HTTPUnauthorized() 示例5: login
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def login(request, email, password, connection=None):
user = await request.app.models.user.get_user_by_email(email, connection=connection)
if user:
if not user.is_active:
raise HTTPConflict(reason="User disabled")
elif check_password(password, user.password):
await gen_api_key(user.id, request=request, auth='email')
request.user = user
await user.on_login(connection=connection)
await request.app.m.user_action_log_entry.create_login(request, connection=connection)
response = dict(status=200, data=dict(uid=user.id))
return json_response(response, headers={'Authorization': request.api_key})
raise HTTPUnauthorized(reason="Login incorrect") 示例6: authorize
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def authorize(ensure_admin=False):
def __decorator__(handler):
@wraps(handler)
async def __wrapper__(request: Request):
user = await get_auth_user(request)
if user is None:
raise HTTPUnauthorized()
if ensure_admin and not user.is_admin:
raise HTTPForbidden()
return await handler(request)
return __wrapper__
return __decorator__ 示例7: validateUserPassword
# 需要导入模块: from aiohttp import web_exceptions [as 别名]
# 或者: from aiohttp.web_exceptions import HTTPUnauthorized [as 别名]
def validateUserPassword(app, username, password):
"""
validateUserPassword: verify user and password.
throws exception if not valid
Note: make this async since we'll eventually need some sort of http request to validate user/passwords
"""
log.debug(f"validateUserPassword username: {username}")
if not username:
log.info('validateUserPassword - null user')
raise HTTPUnauthorized()
if not password:
log.info('isPasswordValid - null password')
raise HTTPUnauthorized()
log.debug(f"looking up username: {username}")
if "user_db" not in app:
msg = "user_db not intialized"
log.error(msg)
raise HTTPInternalServerError() # 500
user_data = getPassword(app, username)
if user_data is None:
if "no_auth" in app and app["no_auth"]:
log.info(f"no-auth access for user: {username}")
setPassword(app, username, "")
elif config.get("aws_dynamodb_users_table"):
# look up in Dyanmo db - will throw exception if user not found
await validateUserPasswordDynamoDB(app, username, password)
elif config.get("password_salt"):
validatePasswordSHA512(app, username, password)
else:
log.info("user not found")
raise HTTPUnauthorized() # 401
user_data = getPassword(app, username)
if user_data['pwd'] == password:
log.debug("user password validated")
else:
log.info(f"user password is not valid for user: {username}")
raise HTTPUnauthorized() # 401