----- Original Message -----
Discussing with Seth it appears that the desired behavior would be
to have a different login username when using the API vs the website.
This commit implements a api_login which is only valid to use the API
and won't be on the website.
---
copr_cli/README.rst | 2 +-
.../versions/2a75f0a06d90_add_a_api_login_fiel.py | 25
++++++++++++++++++++
coprs_frontend/coprs/models.py | 1 +
coprs_frontend/coprs/templates/api.html | 1 +
coprs_frontend/coprs/views/api_ns/api_general.py | 4 +++
coprs_frontend/coprs/views/misc.py | 6 +++-
6 files changed, 36 insertions(+), 3 deletions(-)
create mode 100644
coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
diff --git a/copr_cli/README.rst b/copr_cli/README.rst
index 962076b..e46f5ff 100644
--- a/copr_cli/README.rst
+++ b/copr_cli/README.rst
@@ -40,7 +40,7 @@ Usage:
::
[copr-cli]
- username = <insert here your username>
+ username = <insert here your API login>
token = <insert here your API token>
diff --git
a/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
b/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
new file mode 100644
index 0000000..bf1bb8f
--- /dev/null
+++
b/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
@@ -0,0 +1,25 @@
+"""Add a api_login field to user
+
+Revision ID: 2a75f0a06d90
+Revises: 544873aa3ba1
+Create Date: 2013-03-10 10:01:16.820499
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '2a75f0a06d90'
+down_revision = '544873aa3ba1'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+ """ Add the colum 'api_login' to the table user.
"""
+ op.add_column('user', sa.Column('api_login', sa.String(40),
+ nullable=False, server_default='default_token'))
+
+
+def downgrade():
+ """ Drop the column 'api_login' from the table user.
"""
+ op.drop_column('user', 'api_login')
diff --git a/coprs_frontend/coprs/models.py
b/coprs_frontend/coprs/models.py
index 8c20f86..957b80e 100644
--- a/coprs_frontend/coprs/models.py
+++ b/coprs_frontend/coprs/models.py
@@ -60,6 +60,7 @@ class User(db.Model, Serializer):
mail = db.Column(db.String(150), nullable = False)
proven = db.Column(db.Boolean, default = False)
admin = db.Column(db.Boolean, default = False)
+ api_login = db.Column(db.String(40), nullable = False, default =
'abc')
api_token = db.Column(db.String(40), nullable = False, default =
'abc')
api_token_expiration = db.Column(db.Date, nullable = False,
default = datetime.date(2000, 1, 1))
diff --git a/coprs_frontend/coprs/templates/api.html
b/coprs_frontend/coprs/templates/api.html
index 0de97b2..cb77a23 100644
--- a/coprs_frontend/coprs/templates/api.html
+++ b/coprs_frontend/coprs/templates/api.html
@@ -20,6 +20,7 @@
{% if g.user %}
<p>Your information:</p>
<pre style="font-size:120%">
+ API login : {{ g.user.api_login }}
API token : {{ g.user.api_token }}
Expiration date : {{ g.user.api_token_expiration }}
</pre>
diff --git a/coprs_frontend/coprs/views/api_ns/api_general.py
b/coprs_frontend/coprs/views/api_ns/api_general.py
index 081aceb..d69013b 100644
--- a/coprs_frontend/coprs/views/api_ns/api_general.py
+++ b/coprs_frontend/coprs/views/api_ns/api_general.py
@@ -30,6 +30,10 @@ def api_new_token():
""" Method use to generate a new API token for the current user.
"""
user = flask.g.user
+ copr64 = base64.b64encode('copr') + '##'
+ api_login = helpers.generate_api_token(
+ flask.current_app.config['API_TOKEN_LENGTH'] - len(copr64))
+ user.api_login = api_login
user.api_token = helpers.generate_api_token(
flask.current_app.config['API_TOKEN_LENGTH'])
user.api_token_expiration = datetime.date.today() \
diff --git a/coprs_frontend/coprs/views/misc.py
b/coprs_frontend/coprs/views/misc.py
index 383b832..12072e7 100644
--- a/coprs_frontend/coprs/views/misc.py
+++ b/coprs_frontend/coprs/views/misc.py
@@ -57,7 +57,10 @@ def create_or_login(resp):
if not user: # create if not created already
expiration_date_token = datetime.date.today() \
+ datetime.timedelta(days=30)
+ copr64 = base64.b64encode('copr') + '##'
user = models.User(openid_name = resp.identity_url, mail =
resp.email,
+ api_login = copr64 + helpers.generate_api_token(
+ app.config['API_TOKEN_LENGTH'] - len(copr64)),
api_token =
helpers.generate_api_token(app.config['API_TOKEN_LENGTH']),
api_token_expiration = expiration_date_token)
db.session.add(user)
@@ -90,8 +93,7 @@ def login_required(f):
token_auth = False
if token and username:
user = models.User.query.filter(
- models.User.openid_name ==
models.User.openidize_name(username)
- ).first()
+ models.User.api_login == username).first()
if user \
and user.api_token == token \
and user.api_token_expiration >=
datetime.date.today():
--
1.7.1
A question for this series. If I understand it correctly, the api_login is just another
random generated string, right? Would you please elaborate a bit more on why having
separate logins is good?
Thanks.
--
Regards,
Bohuslav "Slavek" Kabrda.