Commit
0de255b0
authored
Mar 18, 2020
by
Jonathan Schaeffer
Uniform expiration column names
parent
f39a0033
Showing
2 changed files
with
15 additions
and
25 deletions
+15
-25
README.md
README.md
+7
-17
eidawsauth/eidawsauth.py
eidawsauth/eidawsauth.py
+8
-8
README.md
...
...
@@ -45,28 +45,18 @@ alter table users add column if not exists expires_at timestamp default value nu
```
Table
`credentials`
:
No modification to the resifAuth schema
```
sql
alter
table
credentials
add
column
if
not
exists
expires_at
timestamp
default
value
null
;
```
#### PRIVILEDGEDB
Table
`aut_user`
.
No modification to the resifInv-Prod schema.
#### PRIVILEDGEDB
Table
`eida_temp_users`
:
```
sql
Colonne
|
Type
|
Collationnement
|
NULL
-
able
|
Par
d
é
faut
|
Stockage
|
------------+---------+-----------------+-----------+-------------------------------------------+----------+
user_id
|
integer
|
|
not
null
|
nextval
(
'aut_user_user_id_seq'
::
regclass
)
|
plain
|
network_id
|
bigint
|
|
|
0
|
plain
|
network
|
text
|
|
not
null
|
|
extended
|
start_year
|
integer
|
|
not
null
|
0
|
plain
|
end_year
|
integer
|
|
not
null
|
0
|
plain
|
name
|
text
|
|
not
null
|
|
extended
|
Index
:
"aut_user_pkey"
PRIMARY
KEY
,
btree
(
user_id
)
"uniq_aut_user"
UNIQUE
CONSTRAINT
,
btree
(
network
,
start_year
,
end_year
,
name
)
Contraintes
de
cl
é
s
é
trang
è
res
:
"aut_user_network_id_fkey"
FOREIGN
KEY
(
network_id
)
REFERENCES
networks
(
network_id
)
ON
DELETE
SET
DEFAULT
alter
table
aut_user
add
column
if
not
exists
expires_at
timestamp
default
value
null
;
```
## Playing around
After the Database initialisation, the application can be run in a virtual environment.
...
...
eidawsauth/eidawsauth.py
...
...
@@ -82,15 +82,15 @@ def register_login(login, password):
raise
e
cur
.
execute
(
"""
INSERT INTO users VALUES (DEFAULT, %(login)s, 'Temp', 'EIDA', %(tmpmail)s, %(expir
ation
)s);
INSERT INTO users VALUES (DEFAULT, %(login)s, 'Temp', 'EIDA', %(tmpmail)s, %(expir
es_at
)s);
"""
,
{
'login'
:
login
,
'tmpmail'
:
"%s@eida"
%
(
login
),
'expir
ation
'
:
expiration_time
}
{
'login'
:
login
,
'tmpmail'
:
"%s@eida"
%
(
login
),
'expir
es_at
'
:
expiration_time
}
)
cur
.
execute
(
"""
INSERT INTO credentials VALUES (CURRVAL('users_user_index_seq'), NULL, %(wsshash)s, %(expir
ation
)s);
INSERT INTO credentials VALUES (CURRVAL('users_user_index_seq'), NULL, %(wsshash)s, %(expir
es_at
)s);
"""
,
{
'wsshash'
:
wsshash
(
login
,
password
),
'expir
ation
'
:
expiration_time
}
{
'wsshash'
:
wsshash
(
login
,
password
),
'expir
es_at
'
:
expiration_time
}
)
conn
.
commit
()
conn
.
close
()
...
...
@@ -118,14 +118,14 @@ def register_privileges(login, fdsn_refs):
# Get the network id
for
ref
in
fdsn_refs
:
ref
[
'login'
]
=
login
ref
[
'expir
ation
'
]
=
datetime
.
datetime
.
now
()
+
datetime
.
timedelta
(
days
=
1
)
ref
[
'expir
es_at
'
]
=
datetime
.
datetime
.
now
()
+
datetime
.
timedelta
(
days
=
1
)
cur
.
execute
(
"""
select network_id from networks where start_year=%(startyear)s and end_year=%(endyear)s and network=%(networkcode)s;
"""
,
ref
)
ref
[
'networkid'
]
=
cur
.
fetchone
()[
0
]
logging
.
info
(
"Inserting tupple in %s.eida_temp_users: %s"
%
(
application
.
config
[
'PRIVILEGEDBNAME'
],
ref
))
cur
.
execute
(
"""
insert into eida_temp_users (network_id, network, start_year, end_year, name, expir
ation) values (%(networkid)s, %(networkcode)s, %(startyear)s, %(endyear)s, %(login)s, %(expiration
)s);
insert into eida_temp_users (network_id, network, start_year, end_year, name, expir
es_at) values (%(networkid)s, %(networkcode)s, %(startyear)s, %(endyear)s, %(login)s, %(expires_at
)s);
"""
,
ref
)
conn
.
commit
()
conn
.
close
()
...
...
@@ -150,7 +150,7 @@ def cleanup():
password
=
application
.
config
[
'AUTHDBPASSWORD'
])
cur
=
conn
.
cursor
()
logging
.
debug
(
"Connected to users database"
)
cur
.
execute
(
"delete from credentials where expir
ation
< now();"
)
cur
.
execute
(
"delete from credentials where expir
es_at
< now();"
)
cur
.
execute
(
"delete from users where expires_at < now();"
)
rows_deleted
=
cur
.
rowcount
conn
.
commit
()
...
...
@@ -171,7 +171,7 @@ def cleanup():
cur
=
conn
.
cursor
()
logging
.
debug
(
"Connected to privlieges database"
)
logging
.
debug
(
"Deleting from privileges database: %s"
,
old_users
)
cur
.
execute
(
"delete from eida_temp_users where expir
ation
< now();"
)
cur
.
execute
(
"delete from eida_temp_users where expir
es_at
< now();"
)
conn
.
commit
()
conn
.
close
()
except
Exception
as
e
:
...
...
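Review bot: In the register_privileges hunk, `ref['expires_at']` is set from a naive `datetime.datetime.now() + datetime.timedelta(days=1)` on the application host, whereas register_login stores the `expiration_time` it was given and cleanup() deletes rows by comparing against the database's `now()`. If the application host and the database session disagree on time zone or clock, or if `expiration_time` is not also one day out, rows in eida_temp_users can outlive the matching credentials, leaving temporary privileges in place longer than intended. Consider deriving the value on the database side, e.g. ending the insert with `%(login)s, now() + interval '1 day');`, or passing the same `expiration_time` used for users/credentials into this function. A short comment such as `# must match the credentials expiry; compared against DB now() in cleanup()` would document the coupling. Both functions start and end outside the visible hunks, so how `expiration_time` is computed cannot be confirmed from here.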