auth.py

import sys
from datetime import datetime
import hmac
import hashlib
import base64
from .exc import (
    JsonRpcInvalidTime,
    JsonRpcInvalidLogin,
    )


begin_unix_time = datetime(1970, 1, 1)


def get_seconds():
    durasi = datetime.utcnow() - begin_unix_time
    return int(durasi.total_seconds())


# Fungsi ini digunakan untuk membuat header dan authentikasi pada rpc client
def get_header(userid, password, time_stamp):
    msg = '&'.join([str(userid), str(time_stamp)])
    msg = msg.encode('utf-8')
    if sys.version_info.major == 2:
        if isinstance(password, unicode):
            password = str(password)
    elif isinstance(password, str):
        password = password.encode('utf-8')
    signature = hmac.new(password, msg=msg, digestmod=hashlib.sha256)
    signature = signature.digest()
    if sys.version_info.major == 2:
        s = base64.encodestring(signature)
    else:
        s = base64.encodebytes(signature)
    if isinstance(s, bytes):
        s = str(s)
    s = s.replace('\n', '')
    return dict(userid=userid, signature=s, key=time_stamp)


lima_menit = 600


# env = request.env

class Auth:
    def __init__(self, env):
        self.env = env
        self.validate_env()
        self.validate_time()

    def validate_env(self):
        if not ('HTTP_USERID' in self.env and
                'HTTP_SIGNATURE' in self.env and
                'HTTP_KEY' in self.env):
            raise JsonRpcInvalidLogin()

    def validate_time(self):
        self.time_stamp = int(self.env['HTTP_KEY'])
        now = get_seconds()
        if abs(now - self.time_stamp) > lima_menit:
            raise JsonRpcInvalidTime()

    def validate_signature(self, api_key):
        header = get_header(self.env['HTTP_USERID'], api_key, self.time_stamp)
        if header['signature'] != self.env['HTTP_SIGNATURE']:
            raise JsonRpcInvalidLogin()