crafty-4/app/classes/shared/authentication.py

import logging
import time
from typing import Optional, Dict, Any, Tuple
import jwt
from jwt import PyJWTError

from app.classes.models.users import HelperUsers, ApiKeys
from app.classes.controllers.management_controller import ManagementController

logger = logging.getLogger(__name__)


class Authentication:
    def __init__(self, helper):
        self.helper = helper
        self.secret = "my secret"
        try:
            self.secret = ManagementController.get_crafty_api_key()
            if self.secret == "":
                self.secret = self.helper.random_string_generator(64)
                ManagementController.set_crafty_api_key(str(self.secret))
        except:
            self.secret = self.helper.random_string_generator(64)
            ManagementController.set_crafty_api_key(str(self.secret))

    def generate(self, user_id, extra=None):
        if extra is None:
            extra = {}
        jwt_encoded = jwt.encode(
            {"user_id": user_id, "iat": int(time.time()), **extra},
            self.secret,
            algorithm="HS256",
        )
        return jwt_encoded

    def read(self, token):
        return jwt.decode(token, self.secret, algorithms=["HS256"])

    def check_no_iat(self, token) -> Optional[Dict[str, Any]]:
        try:
            return jwt.decode(str(token), self.secret, algorithms=["HS256"])
        except PyJWTError as error:
            logger.debug("Error while checking JWT token: ", exc_info=error)
            return None

    def check(
        self,
        token,
    ) -> Optional[Tuple[Optional[ApiKeys], Dict[str, Any], Dict[str, Any]]]:
        try:
            data = jwt.decode(str(token), self.secret, algorithms=["HS256"])
        except PyJWTError as error:
            logger.debug("Error while checking JWT token: ", exc_info=error)
            return None
        iat: int = data["iat"]
        key: Optional[ApiKeys] = None
        if "token_id" in data:
            key_id = data["token_id"]
            key = HelperUsers.get_user_api_key(key_id)
            if key is None:
                return None
        user_id: str = data["user_id"]
        user = HelperUsers.get_user(user_id)
        # TODO: Have a cache or something so we don't constantly
        # have to query the database
        if int(user.get("valid_tokens_from").timestamp()) < iat:
            # Success!
            return key, data, user
        return None

    def check_err(
        self,
        token,
    ) -> Tuple[Optional[ApiKeys], Dict[str, Any], Dict[str, Any]]:
        # Without this function there would be runtime exceptions like the following:
        # "None" object is not iterable

        output = self.check(token)
        if output is None:
            raise Exception("Invalid token")
        return output

    def check_bool(self, token) -> bool:
        return self.check(token) is not None
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`import logging`
			`import time`
			`from typing import Optional, Dict, Any, Tuple`
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`import jwt`
			`from jwt import PyJWTError`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`from app.classes.models.users import HelperUsers, ApiKeys`
Backup/Config.json rework for API key hardening See merge request crafty-controller/crafty-4!369 2022-06-20 19:26:21 +00:00			`from app.classes.controllers.management_controller import ManagementController`
Tidy imports & dep auto-installer 2022-03-08 04:40:44 +00:00
			`logger = logging.getLogger(__name__)`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`class Authentication:`
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`def __init__(self, helper):`
			`self.helper = helper`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`self.secret = "my secret"`
Backup/Config.json rework for API key hardening See merge request crafty-controller/crafty-4!369 2022-06-20 19:26:21 +00:00			`try:`
			`self.secret = ManagementController.get_crafty_api_key()`
			`if self.secret == "":`
			`self.secret = self.helper.random_string_generator(64)`
			`ManagementController.set_crafty_api_key(str(self.secret))`
			`except:`
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`self.secret = self.helper.random_string_generator(64)`
Backup/Config.json rework for API key hardening See merge request crafty-controller/crafty-4!369 2022-06-20 19:26:21 +00:00			`ManagementController.set_crafty_api_key(str(self.secret))`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`def generate(self, user_id, extra=None):`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`if extra is None:`
			`extra = {}`
Add API routes from 3.x Enhance security for permissions on API requests Fix bug where server permissions and crafty permissions were flipped upon making a new token Fix bug where new secret key would be created every time Crafty was started. Fix bug where DB locks will occur with concurrent writes to the DB. 2022-04-10 19:39:31 +00:00			`jwt_encoded = jwt.encode(`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`{"user_id": user_id, "iat": int(time.time()), **extra},`
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`self.secret,`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`algorithm="HS256",`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`)`
Add API routes from 3.x Enhance security for permissions on API requests Fix bug where server permissions and crafty permissions were flipped upon making a new token Fix bug where new secret key would be created every time Crafty was started. Fix bug where DB locks will occur with concurrent writes to the DB. 2022-04-10 19:39:31 +00:00			`return jwt_encoded`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`def read(self, token):`
			`return jwt.decode(token, self.secret, algorithms=["HS256"])`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`def check_no_iat(self, token) -> Optional[Dict[str, Any]]:`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`try:`
Merge branch feature/external-frontend to feature/api-v2 without the frontend 2022-04-14 12:33:53 +00:00			`return jwt.decode(str(token), self.secret, algorithms=["HS256"])`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`except PyJWTError as error:`
			`logger.debug("Error while checking JWT token: ", exc_info=error)`
			`return None`

⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`def check(`
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`self,`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`token,`
			`) -> Optional[Tuple[Optional[ApiKeys], Dict[str, Any], Dict[str, Any]]]:`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`try:`
Merge branch feature/external-frontend to feature/api-v2 without the frontend 2022-04-14 12:33:53 +00:00			`data = jwt.decode(str(token), self.secret, algorithms=["HS256"])`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`except PyJWTError as error:`
			`logger.debug("Error while checking JWT token: ", exc_info=error)`
			`return None`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`iat: int = data["iat"]`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`key: Optional[ApiKeys] = None`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`if "token_id" in data:`
			`key_id = data["token_id"]`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`key = HelperUsers.get_user_api_key(key_id)`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`if key is None:`
			`return None`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`user_id: str = data["user_id"]`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user = HelperUsers.get_user(user_id)`
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# TODO: Have a cache or something so we don't constantly`
			`# have to query the database`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`if int(user.get("valid_tokens_from").timestamp()) < iat:`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`# Success!`
			`return key, data, user`
Fix no-else-* QA warnings 2022-06-14 12:40:57 +00:00			`return None`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00
Merge branch feature/external-frontend to feature/api-v2 without the frontend 2022-04-14 12:33:53 +00:00			`def check_err(`
			`self,`
			`token,`
			`) -> Tuple[Optional[ApiKeys], Dict[str, Any], Dict[str, Any]]:`
			`# Without this function there would be runtime exceptions like the following:`
			`# "None" object is not iterable`

			`output = self.check(token)`
			`if output is None:`
			`raise Exception("Invalid token")`
			`return output`

Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`def check_bool(self, token) -> bool:`
			`return self.check(token) is not None`