1
0
mirror of https://github.com/avatao-content/test-tutorial-framework synced 2024-11-15 01:47:16 +00:00

Make webservice run as user and use tfwconnector pip package

This commit is contained in:
Kristóf Tóth 2018-05-11 17:46:15 +02:00
parent ba0f92d2ac
commit 3ee5db6e57
3 changed files with 16 additions and 2 deletions

View File

@ -3,7 +3,8 @@ FROM eu.gcr.io/avatao-challengestore/tutorial-framework
# Install webservice dependencies # Install webservice dependencies
RUN pip3 install Flask==1.0 \ RUN pip3 install Flask==1.0 \
SQLAlchemy==1.2.7 \ SQLAlchemy==1.2.7 \
passlib==1.7.1 passlib==1.7.1 \
git+https://github.com/avatao-content/tfwconnector.git#subdirectory=python3
# Define variables to use later # Define variables to use later
ENV TFW_SERVER_DIR="/srv/.tfw" \ ENV TFW_SERVER_DIR="/srv/.tfw" \
@ -21,7 +22,8 @@ ADD solvable/src/webservice/frontend-deps.tar ${TFW_WEBSERVICE_DIR}/static
# Create IDE directory, symlink server source and give proper permissions to AVATAO_USER # Create IDE directory, symlink server source and give proper permissions to AVATAO_USER
RUN mkdir -p ${TFW_IDE_WD} &&\ RUN mkdir -p ${TFW_IDE_WD} &&\
ln -s ${TFW_WEBSERVICE_DIR}/user_ops.py ${TFW_IDE_WD} &&\ ln -s ${TFW_WEBSERVICE_DIR}/user_ops.py ${TFW_IDE_WD} &&\
chown -R ${AVATAO_USER}: ${TFW_IDE_WD} && chmod -R 755 ${TFW_IDE_WD} chown -R ${AVATAO_USER}: "${TFW_IDE_WD}" "${TFW_WEBSERVICE_DIR}" &&\
chmod -R 755 "${TFW_IDE_WD}" "${TFW_WEBSERVICE_DIR}"
# Hide TFW related code from user # Hide TFW related code from user
RUN chown -R root:root ${TFW_SERVER_DIR} && chmod -R 700 ${TFW_SERVER_DIR} RUN chown -R root:root ${TFW_SERVER_DIR} && chmod -R 700 ${TFW_SERVER_DIR}

View File

@ -1,3 +1,7 @@
from functools import partial
from tfwconnector import MessageSender
from crypto import PasswordHasher from crypto import PasswordHasher
from model import User from model import User
from errors import InvalidCredentialsError, UserExistsError from errors import InvalidCredentialsError, UserExistsError
@ -8,6 +12,8 @@ class UserOps:
self.username = username self.username = username
self.password = password self.password = password
self.db_session = db_session self.db_session = db_session
self.message_sender = MessageSender()
self.log = partial(self.message_sender.send, 'Authenticator')
def authenticate(self): def authenticate(self):
""" """
@ -20,8 +26,11 @@ class UserOps:
user = self.db_session.query(User).filter(User.username == self.username).first() user = self.db_session.query(User).filter(User.username == self.username).first()
if not user or not PasswordHasher.verify(self.password, user.passwordhash): if not user or not PasswordHasher.verify(self.password, user.passwordhash):
self.log(f'Invalid credentials for user "{self.username}"!')
raise InvalidCredentialsError raise InvalidCredentialsError
self.log(f'User "{self.username}" logged in!')
def register(self): def register(self):
""" """
Attempts to register a user. Attempts to register a user.
@ -37,3 +46,5 @@ class UserOps:
passwordhash=PasswordHasher.hash(self.password)) passwordhash=PasswordHasher.hash(self.password))
self.db_session.add(user) self.db_session.add(user)
self.db_session.commit() self.db_session.commit()
self.log(f'User "{self.username}" registered!')

View File

@ -1,4 +1,5 @@
[program:webservice] [program:webservice]
user=%(ENV_AVATAO_USER)s
directory=%(ENV_TFW_WEBSERVICE_DIR)s directory=%(ENV_TFW_WEBSERVICE_DIR)s
environment=BASEURL="/webservice" environment=BASEURL="/webservice"
command=python3 server.py command=python3 server.py