
@val314159
Created October 12, 2015 08:07
Auth Server v1.0
#!/usr/bin/env python
import bottle,json,base64
# Bottle application object; every route and hook below is registered on it.
app = bottle.Bottle()

# In-memory user table (sample data). Keys as used by the code in this file:
#   "e" + "p"  -> combined into the lookup key for /login
#                 ("e" is presumably an e-mail address, "p" the password)
#   "t"        -> token checked by /valid
#   "g"        -> list of group names checked by /valid
#   "disabled" -> optional flag; when truthy /valid rejects the token
#   "u"        -> only passed through in the /login response
# NOTE(review): passwords are kept in clear text and tokens are fixed strings,
# which is only acceptable for sample data. A real service would store a
# salted password hash and issue random, expiring tokens.
app.UserList = [
    dict(e="j@x", u="u0", t="t1", p="a", g=["user", "admin"]),
    dict(e="z@w", u="u1", t="t2", p="b", g=["admin", "root"]),
    dict(e="q@q", u="u2", t="t3", p="c", g=[], disabled=True),
]
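def digest(u, p):
    """Return the base64 encoding of ``u + ':' + p`` as a native string.

    Despite the name, this is NOT a cryptographic digest. Base64 is a
    reversible encoding, so anyone who sees the returned value can recover
    both inputs. Treat the result as sensitive as the password itself.

    Works on both Python 2 and Python 3: text is encoded to UTF-8 before
    being handed to ``base64.b64encode`` (which only accepts bytes on
    Python 3), and the result is returned as the interpreter's native
    ``str`` type.
    """
    joined = u + ':' + p
    if not isinstance(joined, bytes):
        # Python 3 text (or Python 2 unicode): b64encode() needs bytes.
        joined = joined.encode('utf-8')
    encoded = base64.b64encode(joined)
    # On Python 3 b64encode() returns bytes; convert so that dictionary
    # lookups keyed on this value work with plain text strings.
    return encoded if isinstance(encoded, str) else encoded.decode('ascii')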
# indexes
# Login index: base64 credential string (see digest) -> user record.
app.L = {digest(rec['e'], rec['p']): rec for rec in app.UserList}
# Token index: token string -> user record.
app.T = {rec['t']: rec for rec in app.UserList}
# util funcs for error conditions
def AccessDenied():
    """Abort the current request with HTTP 403 and a JSON failure body.

    Always raises ``bottle.HTTPResponse`` and never returns normally, so a
    caller's ``return AccessDenied()`` never actually produces a value.
    Every failed check in this file uses this one response, so the client
    is not told which check rejected it.
    """
    payload = json.dumps({"success": False, "reason": "Access Denied"})
    raise bottle.HTTPResponse(body=payload, status=403)
@app.hook('after_request')
def enable_cors():
    """Set permissive CORS headers on ``bottle.response`` after each request."""
    # NOTE(review): an Allow-Origin of '*' lets a script served from any
    # origin read these responses, including the token that /login returns.
    # For an authentication service, prefer echoing back only origins from
    # a fixed allow-list.
    cors_headers = (
        ('Access-Control-Allow-Origin', '*'),
        ('Access-Control-Allow-Methods', 'GET, POST, PUT, OPTIONS'),
        ('Access-Control-Allow-Headers',
         'Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token'),
    )
    for header_name, header_value in cors_headers:
        bottle.response.headers[header_name] = header_value
@app.get('/valid/<token>/<group>')
def is_valid(token, group=None):
    """Check that *token* belongs to an enabled user who is in *group*.

    Returns ``{"result": True}`` when the token is in the token index, the
    user record is not flagged ``disabled``, and *group* (when given) is
    one of the user's groups. Any failure goes through ``AccessDenied()``,
    which raises an HTTP 403.

    NOTE(review): the token travels in the URL path, so it is likely to
    end up in server and proxy access logs. Carrying it in a request
    header would keep it out of them.
    """
    user = app.T.get(token, None)
    # Short-circuit order matters: user['g'] is only read once the record
    # is known to exist and to be enabled.
    denied = (
        not user                                    # unknown token
        or user.get('disabled', 0)                  # account switched off
        or (group and group not in user['g'])       # not in the group
    )
    if denied:
        return AccessDenied()
    return dict(result=True)
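@app.get('/login/<username>/<password>')
@app.get('/login/<username_password>')
def login(username_password=None, username=None, password=None):
    """Look up a user by credentials and return their auth info.

    Accepts either a separate *username* and *password*, or a single
    *username_password* already in the form produced by ``digest``.

    Returns ``{"result": {"authinfo": record}}`` where *record* is a copy
    of the user record without the ``p`` (password) and ``g`` (groups)
    fields. Unknown credentials and disabled accounts both go through
    ``AccessDenied()``, which raises an HTTP 403.

    NOTE(review): credentials are carried in the URL of a GET request, so
    they are likely to be recorded in access logs and browser history.
    A POST body over TLS would avoid that.
    """
    if username_password is None:
        username_password = digest(username, password)
    # Copy the record so the pops below never modify the shared table.
    value = dict(app.L.get(username_password, {}))
    if not value:  # no user matches these credentials
        return AccessDenied()
    if value.get('disabled', 0):
        # Same rule as /valid: a disabled account is refused. Without this
        # check the account's token was still handed out at login.
        return AccessDenied()
    value.pop('p', 0)  # never send the password back
    value.pop('g', 0)  # nor the group list
    return dict(result=dict(authinfo=value))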
if __name__ == '__main__':
    # NOTE(review): an empty host is normally treated as "listen on every
    # interface", and no TLS is configured here, so credentials and tokens
    # cross the network in clear text. Bind to a loopback address or put
    # the service behind a TLS-terminating proxy outside local testing.
    app.run(port='9090', host='')