External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-28 16:28:43 -03:30
Code Issues Packages Projects Releases Wiki Activity

add auth_token verification to websocket

Browse Source
This commit is contained in:
Wayne Witzel III
2016-10-24 19:42:53 -04:00
parent 04bfdf8617
commit ced3c41df9
2 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
awx/main/consumers.py
View File

@@ -1,20 +1,64 @@
import json import json
import urlparse
from channels import Group from channels import Group
from channels.sessions import channel_session from channels.sessions import channel_session
from django.contrib.auth.models import User
from awx.main.models.organization import AuthToken
def discard_groups(message): def discard_groups(message):
if 'groups' in message.channel_session: if 'groups' in message.channel_session:
for group in message.channel_session['groups']: for group in message.channel_session['groups']:
Group(group).discard(message.reply_channel) Group(group).discard(message.reply_channel)
def validate_token(token):
try:
auth_token = AuthToken.objects.get(key=token)
if not auth_token.in_valid_tokens:
return None
except AuthToken.DoesNotExist:
return None
return auth_token
def user_from_token(auth_token):
try:
return User.objects.get(pk=auth_token.user_id)
except User.DoesNotExist:
return None
@channel_session
def ws_connect(message):
token = None
qs = urlparse.parse_qs(message['query_string'])
if 'token' in qs:
if len(qs['token']) > 0:
token = qs['token'].pop()
message.channel_session['token'] = token
@channel_session @channel_session
def ws_disconnect(message): def ws_disconnect(message):
discard_groups(message) discard_groups(message)
@channel_session @channel_session
def ws_receive(message): def ws_receive(message):
token = message.channel_session.get('token')
auth_token = validate_token(token)
if auth_token is None:
message.reply_channel.send({"text": json.dumps({"error": "invalid auth token"})})
return None
user = user_from_token(auth_token)
if user is None:
message.reply_channel.send({"text": json.dumps({"error": "no valid user"})})
return None
raw_data = message.content['text'] raw_data = message.content['text']
data = json.loads(raw_data) data = json.loads(raw_data)

1
awx/main/routing.py
View File

@@ -2,6 +2,7 @@ from channels.routing import route
channel_routing = [ channel_routing = [
route("websocket.connect", "awx.main.consumers.ws_connect", path=r'^/websocket/$'),
route("websocket.disconnect", "awx.main.consumers.ws_disconnect", path=r'^/websocket/$'), route("websocket.disconnect", "awx.main.consumers.ws_disconnect", path=r'^/websocket/$'),
route("websocket.receive", "awx.main.consumers.ws_receive", path=r'^/websocket/$'), route("websocket.receive", "awx.main.consumers.ws_receive", path=r'^/websocket/$'),
] ]