Skip to content
Toggle navigation
Projects
Groups
Snippets
Help
aa.gusti
/
opensipkd-base
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Settings
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit a45c2b4b
authored
Nov 21, 2025
by
aa.gustiana@gmail.com
Browse Files
Options
Browse Files
Tag
Download
Email Patches
Plain Diff
Enhance authentication process in MySecurityPolicy and improve logging in auth_from_rpc
1 parent
dc1fddd3
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
10 additions
and
3 deletions
opensipkd/base/security.py
opensipkd/base/tools/api.py
opensipkd/base/security.py
View file @
a45c2b4
from
inspect
import
signature
import
logging
# from opensipkd.tools import get_params
...
...
@@ -55,15 +56,21 @@ def get_user(request):
from
pyramid.authentication
import
AuthTktCookieHelper
from
pyramid.authorization
import
ACLHelper
,
Authenticated
,
Everyone
from
.tools.api
import
auth_from_rpc
class
MySecurityPolicy
:
def
__init__
(
self
,
secret
):
self
.
helper
=
AuthTktCookieHelper
(
secret
)
def
identity
(
self
,
request
):
log
.
debug
(
"MySecurityPolicy.identity"
)
identity
=
self
.
helper
.
identify
(
request
)
if
identity
is
None
:
try
:
user
=
auth_from_rpc
(
request
)
identity
=
{
'userid'
:
user
.
id
}
except
Exception
as
e
:
log
.
warning
(
"Failed to authenticate from RPC:
%
s"
,
e
)
return
None
userid
=
identity
[
'userid'
]
...
...
@@ -82,7 +89,6 @@ class MySecurityPolicy:
def
permits
(
self
,
request
,
context
,
permission
):
identity
=
request
.
identity
principals
=
set
([
Everyone
])
if
identity
is
not
None
:
principals
.
add
(
Authenticated
)
principals
.
add
(
identity
[
'userid'
])
...
...
opensipkd/base/tools/api.py
View file @
a45c2b4
from
opensipkd.base
import
get_params
from
opensipkd.base.models
import
(
DBSession
,
User
,
GroupPermission
,
UserDeviceModel
)
from
opensipkd.tools
import
(
...
...
@@ -36,6 +35,7 @@ def auth_from(request, field=None):
header
=
json_rpc_header
(
http_userid
,
user
.
api_key
,
time_stamp
)
if
header
[
'signature'
]
!=
env
[
'HTTP_SIGNATURE'
]:
log
.
warning
(
f
"Server:{header['signature']}, Client:{env['HTTP_SIGNATURE']}"
)
raise
JsonRpcInvalidLoginError
return
user
...
...
@@ -149,5 +149,6 @@ def update_token(user):
return
dict
(
token
=
user
.
security_code
)
def
config_pars_rpc_url
(
params
,
method
=
None
):
from
opensipkd.base
import
get_params
values
=
get_params
(
params
)
return
pars_rpc_url
(
values
,
method
)
\ No newline at end of file
Write
Preview
Markdown
is supported
Attach a file
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to post a comment
