11from __future__ import annotations
22
3+ import os
34import secrets
45import time
56from logging import getLogger
1819
1920from murfey .server import sanitise
2021from murfey .server .murfey_db import murfey_db , url
21- from murfey .util .config import get_security_config
22+ from murfey .util .config import get_machine_config , get_security_config
2223from murfey .util .db import MurfeyUser as User
2324from murfey .util .db import Session as MurfeySession
2425
@@ -63,6 +64,12 @@ async def __call__(self, request: Request):
6364
6465# Set up variables used for authentication
6566security_config = get_security_config ()
67+ machine_config = get_machine_config ()
68+ auth_url = (
69+ machine_config [os .getenv ("BEAMLINE" , "" )].auth_url
70+ if machine_config .get (os .getenv ("BEAMLINE" , "" ))
71+ else ""
72+ )
6673ALGORITHM = security_config .auth_algorithm or "HS256"
6774SECRET_KEY = security_config .auth_key or secrets .token_hex (32 )
6875if security_config .auth_type == "password" :
@@ -156,7 +163,7 @@ def password_token_validation(token: str):
156163
157164async def validate_token (token : Annotated [str , Depends (oauth2_scheme )]):
158165 try :
159- if security_config . auth_url :
166+ if auth_url :
160167 headers = (
161168 {}
162169 if security_config .auth_type == "cookie"
@@ -169,7 +176,7 @@ async def validate_token(token: Annotated[str, Depends(oauth2_scheme)]):
169176 )
170177 async with aiohttp .ClientSession (cookies = cookies ) as session :
171178 async with session .get (
172- f"{ security_config . auth_url } /validate_token" ,
179+ f"{ auth_url } /validate_token" ,
173180 headers = headers ,
174181 ) as response :
175182 success = response .status == 200
@@ -218,13 +225,13 @@ class Token(BaseModel):
218225
219226
220227def create_access_token (data : dict , token : str = "" ) -> str :
221- if security_config . auth_url and data .get ("session" ):
228+ if auth_url and data .get ("session" ):
222229 session_id = data ["session" ]
223230 if not isinstance (session_id , int ) and session_id > 0 :
224231 # check the session ID is alphanumeric for security
225232 raise ValueError ("Session ID was invalid (not alphanumeric)" )
226233 minted_token_response = requests .get (
227- f"{ security_config . auth_url } /sessions/{ sanitise (str (session_id ))} /token" ,
234+ f"{ auth_url } /sessions/{ sanitise (str (session_id ))} /token" ,
228235 headers = {"Authorization" : f"Bearer { token } " },
229236 )
230237 if minted_token_response .status_code != 200 :
@@ -250,13 +257,13 @@ def create_access_token(data: dict, token: str = "") -> str:
250257async def generate_token (
251258 form_data : Annotated [OAuth2PasswordRequestForm , Depends ()],
252259) -> Token :
253- if security_config . auth_url :
260+ if auth_url :
254261 data = aiohttp .FormData ()
255262 data .add_field ("username" , form_data .username )
256263 data .add_field ("password" , form_data .password )
257264 async with aiohttp .ClientSession () as session :
258265 async with session .post (
259- f"{ security_config . auth_url } /token" ,
266+ f"{ auth_url } /token" ,
260267 data = data ,
261268 ) as response :
262269 validated = response .status == 200
@@ -270,7 +277,7 @@ async def generate_token(
270277 detail = "Incorrect username or password" ,
271278 headers = {"WWW-Authenticate" : "Bearer" },
272279 )
273- if not security_config . auth_url :
280+ if not auth_url :
274281 access_token = create_access_token (
275282 data = {"user" : form_data .username },
276283 )
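Review bot: The new `auth_url` assignment (new lines 67-72) becomes an empty string whenever `BEAMLINE` is unset or names a key missing from the machine config, and every later `if auth_url:` / `if not auth_url:` branch in `validate_token`, `create_access_token` and `generate_token` then takes the non-delegated path without any signal. The value appears to be computed once at module import, so a mistake in one environment variable would silently change which authentication path the server uses; I would log a warning or refuse to start when the lookup fails while external authentication is expected. The lookup can also be done once: `instrument = machine_config.get(os.getenv("BEAMLINE", ""))` followed by `auth_url = instrument.auth_url if instrument else ""`. The bodies of the three functions continue outside the visible hunks, so what the fallback path accepts cannot be confirmed from this page.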