user_auth.py
import hashlib
import hmac
import secrets
import time
import uuid
from datetime import datetime, timedelta

from custom_exception import User_exception, Role_exception, Token_exception
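class Expire_data():
    """In-memory mapping whose entries expire ``ttl`` seconds after being set.

    Entries live in ``self.auth`` as ``key -> (value, stored_at)``, where
    ``stored_at`` is a ``time.monotonic()`` reading. A monotonic clock is used
    so that changing the system clock (manual change, NTP step, DST) can
    neither extend nor shorten an entry's lifetime.

    Expired entries are dropped when they are looked up or when ``len()`` is
    taken; nothing prunes them in the background.
    """

    def __init__(self, ttl=7200):
        """Create an empty store; ``ttl`` is the entry lifetime in seconds."""
        self.auth = {}
        self.ttl = ttl

    def _is_expired(self, stored_at):
        """Return True when an entry stamped ``stored_at`` is older than the TTL."""
        return (time.monotonic() - stored_at) > self.ttl

    def __setitem__(self, key, value):
        """Store ``value`` under ``key`` and (re)start its TTL."""
        self.auth[key] = (value, time.monotonic())

    def __getitem__(self, key):
        """Return the live value for ``key``, or ``None`` if missing or expired.

        An expired entry is removed as a side effect of the lookup.
        """
        entry = self.auth.get(key)
        if entry is None:
            return None
        value, stored_at = entry
        if self._is_expired(stored_at):
            del self.auth[key]
            return None
        return value

    def __len__(self):
        """Return the number of live entries, evicting expired ones first."""
        # Iterate over a snapshot of the keys: eviction mutates the dict.
        for key in list(self.auth):
            _, stored_at = self.auth[key]
            if self._is_expired(stored_at):
                del self.auth[key]
        return len(self.auth)

    def __delitem__(self, key):
        """Remove ``key``; raises ``KeyError`` when it is not stored."""
        del self.auth[key]

    def __contains__(self, item):
        """Return True when ``item`` maps to a live (non-expired) value."""
        # Compare against None rather than relying on truthiness, so a stored
        # falsy value (e.g. an empty string) still counts as present.
        return self[item] is not None

    def check_validate_token(self, token):
        """Return True only when ``token`` is stored and has not expired.

        Expiry is honoured here as well, so a token past its TTL is never
        reported as valid; the expired entry is evicted by the lookup.
        """
        return token in self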
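class User_roles():
    """In-memory user, role and session-token registry.

    ``self.users`` maps ``user_name -> ((salt, password_hash), [role, ...])``.
    Passwords are never kept in clear text: only a salted PBKDF2-HMAC-SHA256
    digest is stored, and verification uses a constant-time comparison.
    ``self.auths_data`` maps session tokens to user names with a TTL, and
    ``self.roles`` is the set of known role names.
    """

    # Work factor for password hashing; raise it as hardware allows.
    _PBKDF2_ITERATIONS = 600_000
    _SALT_BYTES = 16

    def __init__(self, ttl = 7200):
        """Create an empty registry whose tokens expire after ``ttl`` seconds."""
        self.users = {}
        self.auths_data = Expire_data(ttl)
        self.roles = set()

    @staticmethod
    def _encode_password(pwd):
        """Return ``pwd`` as bytes; raises ``TypeError`` for non str/bytes input."""
        if isinstance(pwd, str):
            return pwd.encode("utf-8")
        if isinstance(pwd, (bytes, bytearray)):
            return bytes(pwd)
        raise TypeError("password must be str or bytes")

    @classmethod
    def _derive_key(cls, pwd, salt):
        """Derive the stored password digest from ``pwd`` and ``salt``."""
        return hashlib.pbkdf2_hmac(
            "sha256", cls._encode_password(pwd), salt, cls._PBKDF2_ITERATIONS
        )

    def _user_for_token(self, token):
        """Return the user name bound to a live token.

        Raises:
            Token_exception: the token is unknown, expired, or belongs to a
                user that no longer exists.
        """
        # Single lookup: checking membership and then reading again would let
        # the entry expire between the two calls.
        user_name = self.auths_data[token]
        if user_name is None or user_name not in self.users:
            raise Token_exception('token is invalidate')
        return user_name

    def create_user(self, user_name, pwd):
        """Register ``user_name`` with password ``pwd`` and no roles.

        Raises:
            User_exception: the user already exists.
            TypeError: ``pwd`` is neither ``str`` nor bytes.
        """
        if user_name in self.users:
            raise User_exception(f'user {user_name} already exists')
        # A fresh random salt per user keeps equal passwords from producing
        # equal digests.
        salt = secrets.token_bytes(self._SALT_BYTES)
        self.users[user_name] = ((salt, self._derive_key(pwd, salt)), [])

    def delete_user(self, user_name):
        """Remove ``user_name`` and revoke every session token issued to it.

        Raises:
            User_exception: the user does not exist.
        """
        if user_name not in self.users:
            raise User_exception(f"user {user_name} doesn't exist")
        del self.users[user_name]
        # Revoke outstanding sessions: otherwise a token issued before the
        # deletion would stay usable, including against a later account that
        # reuses the same name.
        for token, (owner, _) in list(self.auths_data.auth.items()):
            if owner == user_name:
                del self.auths_data.auth[token]

    def create_role(self, role_name):
        """Register a new role.

        Raises:
            Role_exception: the role already exists.
        """
        if role_name in self.roles:
            raise Role_exception(f"role {role_name} already exists")
        self.roles.add(role_name)

    def delete_role(self, role_name):
        """Delete a role and strip it from every user that holds it.

        Raises:
            Role_exception: the role does not exist.
        """
        if role_name not in self.roles:
            raise Role_exception(f"role {role_name} doesn't exist")
        self.roles.remove(role_name)
        for _, user_role in self.users.values():
            if role_name in user_role:
                user_role.remove(role_name)

    def add_role_user(self, user_name, role_name):
        """Grant ``role_name`` to ``user_name`` (no-op if already granted).

        Raises:
            User_exception: the user does not exist.
            Role_exception: the role does not exist.
        """
        if user_name not in self.users:
            raise User_exception(f"user {user_name} doesn't exist")
        if role_name not in self.roles:
            raise Role_exception(f"role {role_name} doesn't exist")
        _, user_roles = self.users[user_name]
        if role_name not in user_roles:
            user_roles.append(role_name)

    def authenticate(self,user_name, pwd):
        """Verify the credentials and return a fresh session token.

        Raises:
            User_exception: the user does not exist.
            KeyError: the password does not match.
        """
        # NOTE(review): unknown user and wrong password raise different
        # exception types, which lets a caller learn which user names exist.
        # Kept as-is because callers may catch these types; consider unifying.
        if user_name not in self.users:
            raise User_exception(f"user {user_name} doesn't exist")
        salt, expected = self.users[user_name][0]
        try:
            candidate = self._derive_key(pwd, salt)
        except TypeError:
            # A password of an unsupported type can never match.
            raise KeyError("password is wrong") from None
        # Constant-time comparison, so timing does not reveal how much of the
        # digest matched.
        if not hmac.compare_digest(candidate, expected):
            raise KeyError("password is wrong")
        # secrets is the stdlib source intended for security tokens; 16 random
        # bytes keeps the 32-hex-character token format.
        token = secrets.token_hex(16)
        while token in self.auths_data:
            token = secrets.token_hex(16)
        self.auths_data[token] = user_name
        return token

    def invalidate(self,token):
        """Revoke ``token``; unknown tokens are ignored."""
        if self.auths_data.check_validate_token(token):
            del self.auths_data[token]

    def check_role(self, token, role_name):
        """Return True when the token's user holds ``role_name``.

        Raises:
            Token_exception: the token is not valid.
        """
        user_name = self._user_for_token(token)
        _, user_roles = self.users[user_name]
        return role_name in user_roles

    def all_roles(self, token):
        """Return a list of the roles held by the token's user.

        Raises:
            Token_exception: the token is not valid.
        """
        user_name = self._user_for_token(token)
        _, user_roles = self.users[user_name]
        # Return a copy: handing out the internal list would let any caller
        # grant or remove roles by mutating it.
        return list(user_roles)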
# Script entry point: intentionally does nothing when the module is run directly.
if "__main__" == __name__:
    ...