Add support for fix user list credentials

2025-03-03 02:33:02 +00:00 · 2019-07-17 18:15:58 +03:00 · 2019-07-17 18:15:58 +03:00 · 1a00f29415
commit 1a00f29415
parent b7614622fc
3 changed files with 46 additions and 11 deletions
--- a/server/database/init.py
+++ b/server/database/init.py
@ -1,3 +1,6 @@
+from os import getenv
+
+from furl import furl
 from jsonmodels import models
 from jsonmodels.errors import ValidationError
 from jsonmodels.fields import StringField
@ -8,9 +11,11 @@ from config import config
 from .defs import Database
 from .utils import get_items

-log = config.logger(__file__)
+log = config.logger("database")

-strict = config.get('apiserver.mongo.strict', True)
+strict = config.get("apiserver.mongo.strict", True)
+
+OVERRIDE_HOST_ENV_KEY = "MONGODB_SERVICE_SERVICE_HOST"

 _entries = []

@ -21,28 +26,39 @@ class DatabaseEntry(models.Base):

    @property
    def health_alias(self):
-        return '__health__' + self.alias
+        return "__health__" + self.alias


 def initialize():
-    db_entries = config.get('hosts.mongo', {})
+    db_entries = config.get("hosts.mongo", {})
    missing = []
-    log.info('Initializing database connections')
+    log.info("Initializing database connections")
+
+    override_hostname = getenv(OVERRIDE_HOST_ENV_KEY)
+    if override_hostname:
+        log.info(f"Using override mongodb host {override_hostname}")
+
    for key, alias in get_items(Database).items():
        if key not in db_entries:
            missing.append(key)
            continue
+
        entry = DatabaseEntry(alias=alias, **db_entries.get(key))
+        if override_hostname:
+            entry.host = furl(entry.host).set(host=override_hostname).url
+
        try:
            entry.validate()
-            log.info('Registering connection to %(alias)s (%(host)s)' % entry.to_struct())
+            log.info(
+                "Registering connection to %(alias)s (%(host)s)" % entry.to_struct()
+            )
            register_connection(alias=alias, host=entry.host)

            _entries.append(entry)
        except ValidationError as ex:
-            raise Exception('Invalid database entry `%s`: %s' % (key, ex.args[0]))
+            raise Exception("Invalid database entry `%s`: %s" % (key, ex.args[0]))
    if missing:
-        raise ValueError('Missing database configuration for %s' % ', '.join(missing))
+        raise ValueError("Missing database configuration for %s" % ", ".join(missing))


 def get_entries():
--- a/server/schema/services/auth.conf
+++ b/server/schema/services/auth.conf
@ -52,6 +52,22 @@ login {
    }
 }

+logout {
+    internal: false
+    allow_roles = [ "*" ]
+    "2.2" {
+        description: """Removes the authentication cookie from the current session"""
+        request {
+            type: object
+            additionalProperties: false
+        }
+        response {
+            type: object
+            additionalProperties: false
+        }
+    }
+}
+
 get_token_for_user {
    "2.1" {
        description: """Get a token for the specified user. Intended for internal use."""
--- a/server/services/auth.py
+++ b/server/services/auth.py
@ -31,10 +31,8 @@ log = config.logger(__file__)
    request_data_model=GetTokenRequest,
    response_data_model=GetTokenResponse,
 )
-def login(call):
+def login(call: APICall, *_, **__):
    """ Generates a token based on the authenticated user (intended for use with credentials) """
-    assert isinstance(call, APICall)
-
    call.result.data_model = AuthBLL.get_token_for_user(
        user_id=call.identity.user,
        company_id=call.identity.company,
@ -47,6 +45,11 @@ def login(call):
    ] = call.result.data_model.token


+@endpoint("auth.logout", min_version="2.2")
+def logout(call: APICall, *_, **__):
+    call.result.cookies[config.get("apiserver.auth.session_auth_cookie_name")] = None
+
+
@endpoint(
    "auth.get_token_for_user",
    request_data_model=GetTokenForUserRequest,