mirror/service
1
0
Fork 0
mirror of https://github.com/fuckpiracyshield/service.git synced 2024-11-21 20:59:46 +01:00
Code Issues Projects Releases Packages Wiki Activity

Reworked some parts of the code and moved some logic here instead of leaving it in the API.

Browse source
This commit is contained in:
Daniele Maglie 2024-01-21 14:26:13 +01:00
parent 6ce487888a
commit c82d4683b9
20 changed files with 1075 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/piracyshield_service/account/session/__init__.py Normal file
View file

@ -0,0 +1 @@

69
src/piracyshield_service/account/session/create.py Normal file
View file

@ -0,0 +1,69 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
from piracyshield_service.account.session.create_long_session import AccountSessionCreateLongSessionService
from piracyshield_service.account.session.create_short_session import AccountSessionCreateShortSessionService
class AccountSessionCreateService(BaseService):
"""
Records a session.
We use the refresh token as the root of all the generated tokens, so we don't invalidate other ongoing sessions by saving them all indiscriminately.
"""
account_session_create_short_session_service = None
account_session_create_long_session_service = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str, access_token: str, account_id: str, ip_address: str) -> bool | Exception:
self.account_session_create_long_session_service.execute(
refresh_token = refresh_token,
access_token = access_token,
account_id = account_id,
ip_address = ip_address
)
self.account_session_create_short_session_service.execute(
refresh_token = refresh_token,
access_token = access_token,
account_id = account_id,
ip_address = ip_address
)
return True
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self):
pass
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.account_session_create_long_session_service = AccountSessionCreateLongSessionService()
self.account_session_create_short_session_service = AccountSessionCreateShortSessionService()

86
src/piracyshield_service/account/session/create_long_session.py Normal file
View file

@ -0,0 +1,86 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.utils.time import Time
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
from piracyshield_service.account.errors import AccountErrorCode, AccountErrorMessage
from datetime import timedelta
class AccountSessionCreateLongSessionService(BaseService):
"""
Records a long session.
"""
jwt_token_config = None
session_config = None
data_memory = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str, access_token: str, account_id: str, ip_address: str) -> bool | Exception:
# TODO: should we unpack the tokens and set their really real create and expire datetimes?
now = Time.now()
# save the refresh token as a long session
long_session_response = self.data_memory.add_long_session(
account_id = account_id,
refresh_token = refresh_token,
data = {
'ip_address': ip_address,
'created_at': str(now), # roughly accurate
'expires_at': str(now + timedelta(seconds = self.jwt_token_config.get('refresh_expiration_time')))
},
duration = self.jwt_token_config.get('refresh_expiration_time')
)
if not long_session_response:
self.logger.error(f"Could not create a long session for `{account_id}`")
raise ApplicationException(AccountErrorCode.GENERIC, AccountErrorMessage.GENERIC)
self.logger.debug(f"Long session created for `{account_id}`")
return True
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
self.jwt_token_config = Config('security/token').get('jwt_token')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

90
src/piracyshield_service/account/session/create_short_session.py Normal file
View file

@ -0,0 +1,90 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.utils.time import Time
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
from piracyshield_service.account.errors import AccountErrorCode, AccountErrorMessage
from datetime import timedelta
class AccountSessionCreateShortSessionService(BaseService):
"""
Records a short session.
"""
jwt_token_config = None
session_config = None
data_memory = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str, access_token: str, account_id: str, ip_address: str) -> bool | Exception:
# TODO: should we unpack the tokens and set their really real create and expire datetimes?
now = Time.now()
# short sessions could have been stored in a list, but because they all have different expire times,
# and we don't want to expire them manually (automatically is something not yet possible in Redis),
# we will store them in a string
short_session_response = self.data_memory.add_short_session(
account_id = account_id,
refresh_token = refresh_token,
access_token = access_token,
data = {
'refresh_token': refresh_token,
'ip_address': ip_address,
'created_at': str(now),
'expires_at': str(now + timedelta(seconds = self.jwt_token_config.get('access_expiration_time')))
},
duration = self.jwt_token_config.get('access_expiration_time')
)
if not short_session_response:
self.logger.error(f"Could not create a short session for `{account_id}`")
raise ApplicationException(AccountErrorCode.GENERIC, AccountErrorMessage.GENERIC)
self.logger.debug(f"Short session created for `{account_id}`")
return True
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
self.jwt_token_config = Config('security/token').get('jwt_token')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

120
src/piracyshield_service/account/session/destroy_current_sessions.py Normal file
View file

@ -0,0 +1,120 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.utils.time import Time
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
from piracyshield_service.account.session.get_current_by_account import AccountSessionGetCurrentByAccountService
from piracyshield_service.account.session.remove_long_session import AccountSessionRemoveLongSessionService
from piracyshield_service.account.session.remove_short_session import AccountSessionRemoveShortSessionService
from piracyshield_service.security.blacklist.add_refresh_token import SecurityBlacklistAddRefreshTokenService
from piracyshield_service.security.blacklist.add_access_token import SecurityBlacklistAddAccessTokenService
from dateutil.parser import parse
class AccountSessionDestroyCurrentSessionsService(BaseService):
"""
Blacklists current sessions since we're logging out.
"""
security_blacklist_add_access_token_service = None
security_blacklist_add_refresh_token_service = None
account_session_remove_short_session_service = None
account_session_remove_long_session_service = None
account_session_get_current_by_account_service = None
session_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, account_id: str, current_access_token: str) -> bool | Exception:
long_session, short_sessions = self.account_session_get_current_by_account_service.execute(
account_id = account_id,
current_access_token = current_access_token
)
now = Time.now()
long_token_blacklist_delay = parse(long_session.get('expires_at')) - now
long_token_blacklist_duration = round(long_token_blacklist_delay.total_seconds())
self.security_blacklist_add_refresh_token_service.execute(
refresh_token = long_session.get('token'),
duration = long_token_blacklist_duration
)
self.account_session_remove_long_session_service.execute(
account_id = account_id,
refresh_token = long_session.get('token')
)
for short_session in short_sessions:
short_token_blacklist_delay = parse(short_session.get('expires_at')) - now
short_token_blacklist_duration = round(short_token_blacklist_delay.total_seconds())
self.security_blacklist_add_access_token_service.execute(
access_token = short_session.get('token'),
duration = short_token_blacklist_duration
)
self.account_session_remove_short_session_service.execute(
account_id = account_id,
access_token = short_session.get('token')
)
return True
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)
self.account_session_get_current_by_account_service = AccountSessionGetCurrentByAccountService()
self.account_session_remove_long_session_service = AccountSessionRemoveLongSessionService()
self.account_session_remove_short_session_service = AccountSessionRemoveShortSessionService()
self.security_blacklist_add_refresh_token_service = SecurityBlacklistAddRefreshTokenService()
self.security_blacklist_add_access_token_service = SecurityBlacklistAddAccessTokenService()

56
src/piracyshield_service/account/session/find_long_session.py Normal file
View file

@ -0,0 +1,56 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
class AccountSessionFindLongSessionService(BaseService):
"""
Searches for an specific long session.
"""
session_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str) -> bool | Exception:
return self.data_memory.find_long_session(
refresh_token = refresh_token
)
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

96
src/piracyshield_service/account/session/get_all_by_account_ordered.py Normal file
View file

@ -0,0 +1,96 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
class AccountSessionGetAllByAccountOrderedService(BaseService):
"""
Retrieves all active sessions ordering them.
"""
session_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, account_id: str, current_access_token: str) -> bool | Exception:
# NOTE: have some optimizations in all of this.
sessions = self.data_memory.get_all_by_account(
account_id = account_id
)
long_sessions = []
short_sessions = []
for entry in sessions:
(_, _, genre, token) = entry.split(':')
session = {
'metadata': self.data_memory.get_session(entry)
}
if genre == 'long':
session['long_session'] = token
long_sessions.append(session)
elif genre == 'short':
session['short_session'] = token
if token in current_access_token:
session['is_current'] = True
short_sessions.append(session)
for long_session in long_sessions:
long_session['short_sessions'] = []
for short_session in short_sessions:
if short_session.get('metadata').get('refresh_token') == long_session.get('long_session'):
long_session['short_sessions'].append(short_session)
# if it's the currently used short session we can safely say that this is its long sessions
if short_session.get('is_current') == True:
long_session['is_current'] = True
return {
'long_sessions': long_sessions
}
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

97
src/piracyshield_service/account/session/get_current_by_account.py Normal file
View file

@ -0,0 +1,97 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
class AccountSessionGetCurrentByAccountService(BaseService):
"""
Retrieves all the current sessions only.
"""
session_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, account_id: str, current_access_token: str) -> bool | Exception:
# NOTE: have some optimizations in all of this.
sessions = self.data_memory.get_all_short_by_account(
account_id = account_id
)
long_session = None
short_sessions = []
# find the first short session to get back the long session
for entry in sessions:
(_, _, genre, token) = entry.split(':')
# we found the current session
if token in current_access_token:
session = self.data_memory.get_session(entry)
session['token'] = token
short_sessions.append(session)
# TODO: need to deal with this in the storage.
# let's save the long session as well
long_session = self.data_memory.get_session(f'session:{account_id}:long:{session.get('refresh_token')}')
long_session['token'] = session.get('refresh_token')
# avoid reappending the same session when we redo all of this
sessions.remove(entry)
break
for entry in sessions:
(_, _, genre, token) = entry.split(':')
session = self.data_memory.get_session(entry)
if session.get('refresh_token') == long_session.get('token'):
session['token'] = token
short_sessions.append(session)
return (long_session, short_sessions)
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

57
src/piracyshield_service/account/session/remove_long_session.py Normal file
View file

@ -0,0 +1,57 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
class AccountSessionRemoveLongSessionService(BaseService):
"""
Removes a long session.
"""
session_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, account_id: str, refresh_token: str) -> bool | Exception:
return self.data_memory.remove_long_session(
account_id = account_id,
refresh_token = refresh_token
)
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

57
src/piracyshield_service/account/session/remove_short_session.py Normal file
View file

@ -0,0 +1,57 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.account.session.memory import AccountSessionMemory, AccountSessionMemorySetException, AccountSessionMemoryGetException
class AccountSessionRemoveShortSessionService(BaseService):
"""
Removes a short session.
"""
session_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, account_id: str, access_token: str) -> bool | Exception:
return self.data_memory.remove_short_session(
account_id = account_id,
access_token = access_token
)
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.session_config = Config('security/session')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = AccountSessionMemory(
database = self.session_config.get('database').get('memory_database')
)

43
src/piracyshield_service/authentication/authenticate.py
View file

@ -11,6 +11,10 @@ from piracyshield_data_model.authentication.model import AuthenticationModel, Au
from piracyshield_data_storage.authentication.storage import AuthenticationStorage, AuthenticationStorageGetException from piracyshield_data_storage.authentication.storage import AuthenticationStorage, AuthenticationStorageGetException
from piracyshield_service.authentication.get import AuthenticationGetService from piracyshield_service.authentication.get import AuthenticationGetService
from piracyshield_service.authentication.generate_access_token import AuthenticationGenerateAccessTokenService
from piracyshield_service.authentication.generate_refresh_token import AuthenticationGenerateRefreshTokenService
from piracyshield_service.account.session.create import AccountSessionCreateService
from piracyshield_service.security.anti_brute_force import SecurityAntiBruteForceService from piracyshield_service.security.anti_brute_force import SecurityAntiBruteForceService
@ -22,6 +26,12 @@ class AuthenticationAuthenticateService(BaseService):
Credentials based authentication. Credentials based authentication.
""" """
authentication_generate_access_token_service = None
authentication_generate_refresh_token_service = None
account_session_create_service = None
security_anti_brute_force_service = None security_anti_brute_force_service = None
authentication_get_service = None authentication_get_service = None
@ -34,8 +44,6 @@ class AuthenticationAuthenticateService(BaseService):
hasher_config = None hasher_config = None
login_config = None
def __init__(self): def __init__(self):
""" """
Inizialize logger and required modules. Inizialize logger and required modules.
@ -73,7 +81,22 @@ class AuthenticationAuthenticateService(BaseService):
self.logger.debug(f"Account `{account.get('email')}` correctly authenticated.") self.logger.debug(f"Account `{account.get('email')}` correctly authenticated.")
return self._build_payload(account) # get the payload to encode
payload = self._build_payload(account)
# generate token pairs
refresh_token = self.authentication_generate_refresh_token_service.execute(payload)
access_token = self.authentication_generate_access_token_service.execute(payload)
# create a new session for this account
self.account_session_create_service.execute(
account_id = account.get('account_id'),
refresh_token = refresh_token,
access_token = access_token,
ip_address = ip_address
)
return (access_token, refresh_token)
def _verify_password(self, password: str, hashed_password: str) -> bool: def _verify_password(self, password: str, hashed_password: str) -> bool:
""" """
@ -127,10 +150,10 @@ class AuthenticationAuthenticateService(BaseService):
Loads the configs. Loads the configs.
""" """
self.security_anti_brute_force_config = Config('security/anti_brute_force').get('general')
self.hasher_config = Config('security/token').get('hasher') self.hasher_config = Config('security/token').get('hasher')
self.security_anti_brute_force_config = Config('security/anti_brute_force').get('general')
def _prepare_modules(self) -> None: def _prepare_modules(self) -> None:
""" """
Initialize and set the instances. Initialize and set the instances.
@ -138,6 +161,8 @@ class AuthenticationAuthenticateService(BaseService):
self.data_model = AuthenticationModel self.data_model = AuthenticationModel
self.data_storage = AuthenticationStorage()
self.hasher = Hasher( self.hasher = Hasher(
time_cost = self.hasher_config.get('time_cost'), time_cost = self.hasher_config.get('time_cost'),
memory_cost = self.hasher_config.get('memory_cost'), memory_cost = self.hasher_config.get('memory_cost'),
@ -146,8 +171,12 @@ class AuthenticationAuthenticateService(BaseService):
salt_length = self.hasher_config.get('salt_length') salt_length = self.hasher_config.get('salt_length')
) )
self.data_storage = AuthenticationStorage()
self.authentication_get_service = AuthenticationGetService() self.authentication_get_service = AuthenticationGetService()
self.authentication_generate_access_token_service = AuthenticationGenerateAccessTokenService()
self.authentication_generate_refresh_token_service = AuthenticationGenerateRefreshTokenService()
self.account_session_create_service = AccountSessionCreateService()
self.security_anti_brute_force_service = SecurityAntiBruteForceService() self.security_anti_brute_force_service = SecurityAntiBruteForceService()

14
src/piracyshield_service/authentication/generate_access_token.py
View file

@ -16,7 +16,7 @@ class AuthenticationGenerateAccessTokenService(BaseService):
token = None token = None
jwt_config = None jwt_token_config = None
def __init__(self): def __init__(self):
""" """
@ -49,7 +49,7 @@ class AuthenticationGenerateAccessTokenService(BaseService):
Loads the configs. Loads the configs.
""" """
self.jwt_config = Config('security/token').get('jwt_token') self.jwt_token_config = Config('security/token').get('jwt_token')
def _prepare_modules(self) -> None: def _prepare_modules(self) -> None:
""" """
@ -57,9 +57,9 @@ class AuthenticationGenerateAccessTokenService(BaseService):
""" """
self.token = JWTToken( self.token = JWTToken(
access_secret_key = self.jwt_config.get('access_secret_key'), access_secret_key = self.jwt_token_config.get('access_secret_key'),
refresh_secret_key = self.jwt_config.get('refresh_secret_key'), refresh_secret_key = self.jwt_token_config.get('refresh_secret_key'),
access_expiration_time = self.jwt_config.get('access_expiration_time'), access_expiration_time = self.jwt_token_config.get('access_expiration_time'),
refresh_expiration_time = self.jwt_config.get('refresh_expiration_time'), refresh_expiration_time = self.jwt_token_config.get('refresh_expiration_time'),
algorithm = self.jwt_config.get('algorithm') algorithm = self.jwt_token_config.get('algorithm')
) )

14
src/piracyshield_service/authentication/generate_refresh_token.py
View file

@ -16,7 +16,7 @@ class AuthenticationGenerateRefreshTokenService(BaseService):
token = None token = None
jwt_config = None jwt_token_config = None
def __init__(self): def __init__(self):
""" """
@ -49,7 +49,7 @@ class AuthenticationGenerateRefreshTokenService(BaseService):
Loads the configs. Loads the configs.
""" """
self.jwt_config = Config('security/token').get('jwt_token') self.jwt_token_config = Config('security/token').get('jwt_token')
def _prepare_modules(self) -> None: def _prepare_modules(self) -> None:
""" """
@ -57,9 +57,9 @@ class AuthenticationGenerateRefreshTokenService(BaseService):
""" """
self.token = JWTToken( self.token = JWTToken(
access_secret_key = self.jwt_config.get('access_secret_key'), access_secret_key = self.jwt_token_config.get('access_secret_key'),
refresh_secret_key = self.jwt_config.get('refresh_secret_key'), refresh_secret_key = self.jwt_token_config.get('refresh_secret_key'),
access_expiration_time = self.jwt_config.get('access_expiration_time'), access_expiration_time = self.jwt_token_config.get('access_expiration_time'),
refresh_expiration_time = self.jwt_config.get('refresh_expiration_time'), refresh_expiration_time = self.jwt_token_config.get('refresh_expiration_time'),
algorithm = self.jwt_config.get('algorithm') algorithm = self.jwt_token_config.get('algorithm')
) )

104
src/piracyshield_service/authentication/refresh_access_token.py Normal file
View file

@ -0,0 +1,104 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_service.authentication.verify_refresh_token import AuthenticationVerifyRefreshTokenService
from piracyshield_service.authentication.generate_access_token import AuthenticationGenerateAccessTokenService
from piracyshield_service.account.session.find_long_session import AccountSessionFindLongSessionService
from piracyshield_service.account.session.create_short_session import AccountSessionCreateShortSessionService
from piracyshield_service.security.anti_brute_force import SecurityAntiBruteForceService
from piracyshield_service.authentication.errors import AuthenticationErrorCode, AuthenticationErrorMessage
class AuthenticationRefreshAccessTokenService(BaseService):
"""
Refreshes the access token provided a valid and active refresh token.
"""
authentication_generate_access_token_service = None
authentication_verify_refresh_token_service = None
account_session_find_long_session_service = None
account_session_create_short_session_service = None
jwt_token_config = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str, ip_address: str) -> dict | Exception:
# TODO: verify if blacklisted.
# verify the token and unwrap the payload
payload = self.authentication_verify_refresh_token_service.execute(
token = refresh_token
)
# retrieve the long session data so we can check out which account identifier is assigned to this new token
long_session = self.account_session_find_long_session_service.execute(
refresh_token = refresh_token
)
account_id = None
if long_session:
(_, account_id, _, _) = long_session.split(':')
else:
self.logger.error(f"Could not find a long session for this refresh token `{refresh_token}`")
raise ApplicationException(AuthenticationErrorCode.GENERIC, AuthenticationErrorMessage.GENERIC)
access_token = self.authentication_generate_access_token_service.execute(payload)
# create a new session for this user
self.account_session_create_short_session_service.execute(
refresh_token = refresh_token,
access_token = access_token,
account_id = account_id,
ip_address = ip_address
)
return access_token
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.jwt_token_config = Config('security/token').get('jwt_token')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.authentication_verify_refresh_token_service = AuthenticationVerifyRefreshTokenService()
self.authentication_generate_access_token_service = AuthenticationGenerateAccessTokenService()
self.account_session_find_long_session_service = AccountSessionFindLongSessionService()
self.account_session_create_short_session_service = AccountSessionCreateShortSessionService()

16
src/piracyshield_service/security/blacklist/create.py → src/piracyshield_service/security/blacklist/add_access_token.py
View file

@ -5,14 +5,14 @@ from piracyshield_service.base import BaseService
from piracyshield_component.config import Config from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.security.memory import SecurityMemory, SecurityMemorySetException, SecurityMemoryGetException from piracyshield_data_storage.security.blacklist.memory import SecurityBlacklistMemory, SecurityBlacklistMemorySetException, SecurityBlacklistMemoryGetException
from piracyshield_service.security.errors import SecurityErrorCode, SecurityErrorMessage from piracyshield_service.security.errors import SecurityErrorCode, SecurityErrorMessage
class SecurityBlacklistCreateService(BaseService): class SecurityBlacklistAddAccessTokenService(BaseService):
""" """
Blacklists an item. Blacklists an access token.
""" """
blacklist_config = None blacklist_config = None
@ -30,14 +30,14 @@ class SecurityBlacklistCreateService(BaseService):
self._prepare_modules() self._prepare_modules()
def execute(self, item: str, duration: int) -> bool | Exception: def execute(self, access_token: str, duration: int) -> bool | Exception:
response = self.data_memory.add_to_blacklist( response = self.data_memory.add_access_token(
item = item, access_token = access_token,
duration = duration duration = duration
) )
if response == True: if response == True:
self.logger.warning(f"Blacklist item `{item}` has been created for {duration} seconds") self.logger.warning(f"New access token has been blacklisted for {duration} seconds")
return True return True
@ -61,6 +61,6 @@ class SecurityBlacklistCreateService(BaseService):
Initialize and set the instances. Initialize and set the instances.
""" """
self.data_memory = SecurityMemory( self.data_memory = SecurityBlacklistMemory(
database = self.blacklist_config.get('database').get('memory_database') database = self.blacklist_config.get('database').get('memory_database')
) )

66
src/piracyshield_service/security/blacklist/add_refresh_token.py Normal file
View file

@ -0,0 +1,66 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.security.blacklist.memory import SecurityBlacklistMemory, SecurityBlacklistMemorySetException, SecurityBlacklistMemoryGetException
from piracyshield_service.security.errors import SecurityErrorCode, SecurityErrorMessage
class SecurityBlacklistAddRefreshTokenService(BaseService):
"""
Blacklists a refresh token.
"""
blacklist_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str, duration: int) -> bool | Exception:
response = self.data_memory.add_refresh_token(
refresh_token = refresh_token,
duration = duration
)
if response == True:
self.logger.warning(f"New refresh token has been blacklisted for {duration} seconds")
return True
return response
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.blacklist_config = Config('security/blacklist')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = SecurityBlacklistMemory(
database = self.blacklist_config.get('database').get('memory_database')
)

58
src/piracyshield_service/security/blacklist/exists_by_access_token.py Normal file
View file

@ -0,0 +1,58 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.security.blacklist.memory import SecurityBlacklistMemory, SecurityBlacklistMemorySetException, SecurityBlacklistMemoryGetException
from piracyshield_service.security.errors import SecurityErrorCode, SecurityErrorMessage
class SecurityBlacklistExistsByAccessTokenService(BaseService):
"""
Checks if an access token has been blacklisted.
"""
blacklist_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, access_token: str) -> bool | Exception:
return self.data_memory.exists_by_access_token(
access_token = access_token
)
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.blacklist_config = Config('security/blacklist')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = SecurityBlacklistMemory(
database = self.blacklist_config.get('database').get('memory_database')
)

58
src/piracyshield_service/security/blacklist/exists_by_refresh_token.py Normal file
View file

@ -0,0 +1,58 @@
from __future__ import annotations
from piracyshield_service.base import BaseService
from piracyshield_component.config import Config
from piracyshield_component.exception import ApplicationException
from piracyshield_data_storage.security.blacklist.memory import SecurityBlacklistMemory, SecurityBlacklistMemorySetException, SecurityBlacklistMemoryGetException
from piracyshield_service.security.errors import SecurityErrorCode, SecurityErrorMessage
class SecurityBlacklistExistsByRefreshTokenService(BaseService):
"""
Checks if a refresh token has been blacklisted.
"""
blacklist_config = None
data_storage = None
def __init__(self):
"""
Inizialize logger and required modules.
"""
super().__init__()
self._prepare_configs()
self._prepare_modules()
def execute(self, refresh_token: str) -> bool | Exception:
return self.data_memory.exists_by_refresh_token(
refresh_token = refresh_token
)
def _schedule_task(self):
pass
def _validate_parameters(self):
pass
def _prepare_configs(self) -> None:
"""
Loads the configs.
"""
self.blacklist_config = Config('security/blacklist')
def _prepare_modules(self) -> None:
"""
Initialize and set the instances.
"""
self.data_memory = SecurityBlacklistMemory(
database = self.blacklist_config.get('database').get('memory_database')
)

1
src/piracyshield_service/security/session/__init__.py Normal file
View file

@ -0,0 +1 @@

8
src/piracyshield_service/ticket/relation/establish.py
View file

@ -127,8 +127,6 @@ class TicketRelationEstablishService(BaseService):
value = value value = value
) )
print(" r -> ", found_tickets)
# no ticket item found # no ticket item found
if not len(found_tickets): if not len(found_tickets):
return False return False
@ -137,7 +135,6 @@ class TicketRelationEstablishService(BaseService):
if len(found_tickets): if len(found_tickets):
# but let's search for a ticket error in this case # but let's search for a ticket error in this case
for ticket_blocking in found_tickets: for ticket_blocking in found_tickets:
print(" tb -> ", ticket_blocking)
ticket_errors = self.ticket_error_get_by_ticket_service.execute( ticket_errors = self.ticket_error_get_by_ticket_service.execute(
ticket_blocking.get('ticket_id') ticket_blocking.get('ticket_id')
) )
@ -145,11 +142,8 @@ class TicketRelationEstablishService(BaseService):
# found one, let's search for our item # found one, let's search for our item
if len(ticket_errors): if len(ticket_errors):
for ticket_error_response in ticket_errors: for ticket_error_response in ticket_errors:
print(ticket_error_response)
print(ticket_error_response.get(genre))
# found the item, so we don't have any duplicate # found the item, so we don't have any duplicate
if value in ticket_error_response.get(genre): if genre in ticket_error_response and ticket_error_response.get(genre) and value in ticket_error_response.get(genre):
return False return False
return True return True