Change Docker V1 index to use verify_credentials
This commit is contained in:
Joseph Schorr
Joseph Schorr
parent
0bcda90c6e
commit
aa49b37ad2
1 changed files with 17 additions and 22 deletions
|
|
@ -8,6 +8,7 @@ from flask import request, make_response, jsonify, session
|
|||
|
||||
from app import authentication, userevents, metric_queue
|
||||
from auth.auth_context import get_authenticated_user, get_validated_token, get_validated_oauth_token
|
||||
from auth.credentials import validate_credentials, CredentialKind
|
||||
from auth.decorators import process_auth
|
||||
from auth.permissions import (
|
||||
ModifyRepositoryPermission, UserAdminPermission, ReadRepositoryPermission,
|
||||
|
|
@ -84,34 +85,28 @@ def create_user():
|
|||
# UGH! we have to use this response when the login actually worked, in order
|
||||
# to get the CLI to try again with a get, and then tell us login succeeded.
|
||||
success = make_response('"Username or email already exists"', 400)
|
||||
result, kind = validate_credentials(username, password)
|
||||
if not result.auth_valid:
|
||||
if kind == CredentialKind.token:
|
||||
abort(400, 'Invalid access token.', issue='invalid-access-token')
|
||||
|
||||
if username == '$token':
|
||||
if model.load_token(password):
|
||||
return success
|
||||
abort(400, 'Invalid access token.', issue='invalid-access-token')
|
||||
if kind == CredentialKind.robot:
|
||||
abort(400, 'Invalid robot account or password.', issue='robot-login-failure')
|
||||
|
||||
elif username == '$oauthtoken':
|
||||
if model.validate_oauth_token(password):
|
||||
return success
|
||||
abort(400, 'Invalid oauth access token.', issue='invalid-oauth-access-token')
|
||||
if kind == CredentialKind.oauth_token:
|
||||
abort(400, 'Invalid oauth access token.', issue='invalid-oauth-access-token')
|
||||
|
||||
elif '+' in username:
|
||||
if model.verify_robot(username, password):
|
||||
return success
|
||||
abort(400, 'Invalid robot account or password.', issue='robot-login-failure')
|
||||
|
||||
(verified, error_message) = authentication.verify_and_link_user(username, password,
|
||||
basic_auth=True)
|
||||
if verified:
|
||||
# Mark that the user was logged in.
|
||||
event = userevents.get_event(username)
|
||||
event.publish_event_data('docker-cli', {'action': 'login'})
|
||||
return success
|
||||
else:
|
||||
# Mark that the login failed.
|
||||
event = userevents.get_event(username)
|
||||
event.publish_event_data('docker-cli', {'action': 'loginfailure'})
|
||||
abort(400, error_message, issue='login-failure')
|
||||
abort(400, result.error_message, issue='login-failure')
|
||||
|
||||
if result.has_user:
|
||||
# Mark that the user was logged in.
|
||||
event = userevents.get_event(username)
|
||||
event.publish_event_data('docker-cli', {'action': 'login'})
|
||||
|
||||
return success
|
||||
|
||||
|
||||
@v1_bp.route('/users', methods=['GET'])
|
||||
|
|
|
|||
Reference in a new issue