apikey check rewrite
This commit is contained in:
parent
6d5ae74495
commit
c635db1af3
2 changed files with 42 additions and 49 deletions
|
@ -76,7 +76,6 @@ def validate(clientemail, password):
|
|||
c_id = str(path[0])
|
||||
#ioconfig.logger.info('client[{}]> path={}'.format(c_id, str(path)))
|
||||
except:
|
||||
raise
|
||||
ioconfig.logger.warning('clients> {} was not found in the database!'.format(clientemail))
|
||||
#log bad ips here...
|
||||
return False
|
||||
|
@ -93,7 +92,7 @@ def validate(clientemail, password):
|
|||
#3. generate vmlist to return the owned ids to the client.
|
||||
return clientvms(clientsdb[c_id])
|
||||
else:
|
||||
ioconfig.logger.warning('clients> {} ACCESS DENIED!'.format(clientemail))
|
||||
ioconfig.logger.warning('clients> {} access denied!'.format(clientemail))
|
||||
#cant compare password
|
||||
#TODO: Log attempts and block.
|
||||
return {}
|
||||
|
|
|
@ -86,60 +86,47 @@ def max_body(limit):
|
|||
return hook
|
||||
|
||||
|
||||
def apicheck(params):
|
||||
""" compares request params for api key with the config file"""
|
||||
try:
|
||||
if params['apipass'] == config.get('general', 'apipass'):
|
||||
status = True
|
||||
response = 'OK'
|
||||
else:
|
||||
status = False
|
||||
response = 'GET KEY DENIED'
|
||||
logger.error('grid> read access denied. key mismatch')
|
||||
except:
|
||||
#raise
|
||||
status = False
|
||||
response = 'GET URL DENIED'
|
||||
logger.error('grid> read access denied. url error?')
|
||||
finally:
|
||||
return (status, response)
|
||||
|
||||
|
||||
#API methods
|
||||
class ValidateResource(object):
|
||||
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp):
|
||||
""" get clientemail and password and compare it with the client db and returns a list of managed object IDs """
|
||||
resp.status = falcon.HTTP_200
|
||||
clientemail = req.context['doc']['clientemail']
|
||||
passwd = req.context['doc']['password']
|
||||
json = req.context['doc']
|
||||
apipass = json['apikey']
|
||||
if apipass != config.get('general', 'apipass'):
|
||||
resp.status = falcon.HTTP_404
|
||||
logger.error('grid> access denied. bad api key!')
|
||||
return None
|
||||
|
||||
clientemail = json['clientemail']
|
||||
passwd = json['password']
|
||||
|
||||
logger.info('grid> access requested for {} with {}'.format(clientemail, passwd))
|
||||
#apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
|
||||
response = clientsdb.validate(clientemail, passwd)
|
||||
print(response)
|
||||
resp.status = falcon.HTTP_202
|
||||
req.context['result'] = response
|
||||
#if response is not None:
|
||||
# resp.status = falcon.HTTP_200
|
||||
# resp.body = response
|
||||
#else:
|
||||
# resp.status = falcon.HTTP_403
|
||||
# resp.body = 'ERR'
|
||||
#return response
|
||||
|
||||
|
||||
class ClusterResource(object):
|
||||
def on_get(self, req, resp):
|
||||
"""TEST ONLY. List cluster nodes. TEST ONLY"""
|
||||
logger.info('grid> cache status')
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
if apicheck_stat:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.body = str(grid.sync())
|
||||
else:
|
||||
resp.status = falcon.HTTP_403
|
||||
resp.body = apicheck_resp
|
||||
json = req.context['doc']
|
||||
apipass = json['apikey']
|
||||
if apipass != config.get('general', 'apipass'):
|
||||
resp.status = falcon.HTTP_404
|
||||
logger.error('grid> access denied. bad api key!')
|
||||
return None
|
||||
|
||||
logger.info('grid> cache status')
|
||||
|
||||
response = grid.sync(False)
|
||||
resp.status = falcon.HTTP_202
|
||||
req.context['result'] = response
|
||||
|
||||
|
||||
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp):
|
||||
"""Create a cluster node, returns array of: status, vmid, pass, ipv4, """
|
||||
logger.info('grid> create ' + str(req.params))
|
||||
|
@ -180,6 +167,7 @@ class StatusResource(object):
|
|||
|
||||
|
||||
class DeleteResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" delete machine completely"""
|
||||
logger.info('grid> delete ' + str(vmid))
|
||||
|
@ -199,12 +187,13 @@ class DeleteResource(object):
|
|||
|
||||
|
||||
class ArchivateResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" Temporary suspend the instance """
|
||||
logger.info('grid> suspend ' + str(vmid))
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
if apicheck_stat:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.status = falcon.HTTP_202
|
||||
try:
|
||||
resp.body = urllib.parse.urlencode(plugin.vmsuspend(vmid))
|
||||
except:
|
||||
|
@ -219,12 +208,13 @@ class ArchivateResource(object):
|
|||
|
||||
|
||||
class UnArchiveResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" Unuspend the instance """
|
||||
logger.info('grid> resume ' + str(vmid))
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
if apicheck_stat:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.status = falcon.HTTP_202
|
||||
try:
|
||||
resp.body = urllib.parse.urlencode(plugin.vmresume(vmid))
|
||||
except:
|
||||
|
@ -239,12 +229,13 @@ class UnArchiveResource(object):
|
|||
|
||||
|
||||
class StartResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" Start the instance """
|
||||
logger.info('grid> start ' + str(vmid))
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
if apicheck_stat:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.status = falcon.HTTP_202
|
||||
try:
|
||||
resp.body = urllib.parse.urlencode(plugin.vmstart(vmid))
|
||||
except:
|
||||
|
@ -259,12 +250,13 @@ class StartResource(object):
|
|||
|
||||
|
||||
class ShutdownResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" ACPI Shutdown the instance """
|
||||
logger.info('grid> shutdown ' + str(vmid))
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
if apicheck_stat:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.status = falcon.HTTP_202
|
||||
try:
|
||||
resp.body = urllib.parse.urlencode(plugin.vmshutdown(vmid))
|
||||
#TODO: Try few times and then return proper status message
|
||||
|
@ -280,12 +272,13 @@ class ShutdownResource(object):
|
|||
|
||||
|
||||
class StopResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" Stop the instance """
|
||||
logger.info('grid> stop ' + str(vmid))
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
if apicheck_stat:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.status = falcon.HTTP_202
|
||||
try:
|
||||
resp.body = urllib.parse.urlencode(plugin.vmstop(vmid))
|
||||
except:
|
||||
|
@ -299,13 +292,14 @@ class StopResource(object):
|
|||
resp.body = apicheck_resp
|
||||
|
||||
class VNCResource(object):
|
||||
@falcon.before(max_body(64 * 1024))
|
||||
def on_post(self, req, resp, vmid):
|
||||
""" Create a VNC link to the instance """
|
||||
apicheck_stat, apicheck_resp = apicheck(req.params)
|
||||
logger.info('grid> vnc ' + str(vmid))
|
||||
if apicheck_stat:
|
||||
try:
|
||||
resp.status = falcon.HTTP_200
|
||||
resp.status = falcon.HTTP_202
|
||||
resp.body = urllib.parse.urlencode(plugin.vmvnc(vmid))
|
||||
except:
|
||||
logger.error('grid> vnc error')
|
||||
|
|
Loading…
Reference in a new issue