summaryrefslogtreecommitdiff
path: root/src/services/api
diff options
context:
space:
mode:
authorYouyuan <83439858+Yuanandcircle@users.noreply.github.com>2023-02-28 19:17:44 +0800
committerGitHub <noreply@github.com>2023-02-28 19:17:44 +0800
commit112fabb4bbb0aebe91e67d34d9f0678b39c1d1bb (patch)
tree629c9e00e16dd8027d3928333bb17608b8f2e8f9 /src/services/api
parentefd51fb7876d21b59f24a785d4b9e63bf8e4eded (diff)
parent9b88a68001b79583cc2be59b4d6e1af3bed4aecf (diff)
downloadvyos-1x-112fabb4bbb0aebe91e67d34d9f0678b39c1d1bb.tar.gz
vyos-1x-112fabb4bbb0aebe91e67d34d9f0678b39c1d1bb.zip
Merge branch 'vyos:current' into current
Diffstat (limited to 'src/services/api')
-rw-r--r--src/services/api/graphql/graphql/auth_token_mutation.py14
-rw-r--r--src/services/api/graphql/libs/token_auth.py7
-rw-r--r--src/services/api/graphql/session/session.py38
3 files changed, 39 insertions, 20 deletions
diff --git a/src/services/api/graphql/graphql/auth_token_mutation.py b/src/services/api/graphql/graphql/auth_token_mutation.py
index 21ac40094..603a13758 100644
--- a/src/services/api/graphql/graphql/auth_token_mutation.py
+++ b/src/services/api/graphql/graphql/auth_token_mutation.py
@@ -20,6 +20,7 @@ from ariadne import ObjectType, UnionType
from graphql import GraphQLResolveInfo
from .. libs.token_auth import generate_token
+from .. session.session import get_user_info
from .. import state
auth_token_mutation = ObjectType("Mutation")
@@ -36,13 +37,24 @@ def auth_token_resolver(obj: Any, info: GraphQLResolveInfo, data: Dict):
datetime.timedelta(seconds=exp_interval))
res = generate_token(user, passwd, secret, expiration)
- if res:
+ try:
+ res |= get_user_info(user)
+ except ValueError:
+ # non-existent user already caught
+ pass
+ if 'token' in res:
data['result'] = res
return {
"success": True,
"data": data
}
+ if 'errors' in res:
+ return {
+ "success": False,
+ "errors": res['errors']
+ }
+
return {
"success": False,
"errors": ['token generation failed']
diff --git a/src/services/api/graphql/libs/token_auth.py b/src/services/api/graphql/libs/token_auth.py
index 2100eba7f..8585485c9 100644
--- a/src/services/api/graphql/libs/token_auth.py
+++ b/src/services/api/graphql/libs/token_auth.py
@@ -29,14 +29,13 @@ def generate_token(user: str, passwd: str, secret: str, exp: int) -> dict:
payload_data = {'iss': user, 'sub': user_id, 'exp': exp}
secret = state.settings.get('secret')
if secret is None:
- return {
- "success": False,
- "errors": ['failed secret generation']
- }
+ return {"errors": ['missing secret']}
token = jwt.encode(payload=payload_data, key=secret, algorithm="HS256")
users |= {user_id: user}
return {'token': token}
+ else:
+ return {"errors": ['failed pam authentication']}
def get_user_context(request):
context = {}
diff --git a/src/services/api/graphql/session/session.py b/src/services/api/graphql/session/session.py
index b2aef9bd9..3c5a062b6 100644
--- a/src/services/api/graphql/session/session.py
+++ b/src/services/api/graphql/session/session.py
@@ -29,6 +29,28 @@ from api.graphql.libs.op_mode import normalize_output
op_mode_include_file = os.path.join(directories['data'], 'op-mode-standardized.json')
+def get_config_dict(path=[], effective=False, key_mangling=None,
+ get_first_key=False, no_multi_convert=False,
+ no_tag_node_value_mangle=False):
+ config = Config()
+ return config.get_config_dict(path=path, effective=effective,
+ key_mangling=key_mangling,
+ get_first_key=get_first_key,
+ no_multi_convert=no_multi_convert,
+ no_tag_node_value_mangle=no_tag_node_value_mangle)
+
+def get_user_info(user):
+ user_info = {}
+ info = get_config_dict(['system', 'login', 'user', user],
+ get_first_key=True)
+ if not info:
+ raise ValueError("No such user")
+
+ user_info['user'] = user
+ user_info['full_name'] = info.get('full-name', '')
+
+ return user_info
+
class Session:
"""
Wrapper for calling configsession functions based on GraphQL requests.
@@ -46,17 +68,6 @@ class Session:
except Exception:
self._op_mode_list = None
- @staticmethod
- def _get_config_dict(path=[], effective=False, key_mangling=None,
- get_first_key=False, no_multi_convert=False,
- no_tag_node_value_mangle=False):
- config = Config()
- return config.get_config_dict(path=path, effective=effective,
- key_mangling=key_mangling,
- get_first_key=get_first_key,
- no_multi_convert=no_multi_convert,
- no_tag_node_value_mangle=no_tag_node_value_mangle)
-
def show_config(self):
session = self._session
data = self._data
@@ -134,10 +145,7 @@ class Session:
user_info = {}
user = data['user']
try:
- info = self._get_config_dict(['system', 'login', 'user', user,
- 'full-name'])
- user_info['user'] = user
- user_info['full_name'] = info.get('full-name', '')
+ user_info = get_user_info(user)
except Exception as error:
raise error