X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osm_nbi%2Fauth.py;h=a99cea7e556067acf9562af6f4a884005af487c0;hb=d7753fce51ff422df546353e46dbff1ce495e34a;hp=7c29f84875418f08351391ec641cad3f7afbd542;hpb=4568a372eb5a204e04d917213de03ec51f9110c1;p=osm%2FNBI.git diff --git a/osm_nbi/auth.py b/osm_nbi/auth.py index 7c29f84..a99cea7 100644 --- a/osm_nbi/auth.py +++ b/osm_nbi/auth.py @@ -400,7 +400,6 @@ class Authenticator: It works in a shadow copy and replace at the end to allow other threads working with the old copy :return: None """ - permissions = {oper: [] for oper in self.role_permissions} # records = self.db.get_list(self.roles_to_operations_table) records = self.backend.get_role_list() @@ -503,6 +502,7 @@ class Authenticator: query_string_operations, item_id, ) + self.logger.info("RBAC_auth: {}".format(RBAC_auth)) token_info["allow_show_user_project_role"] = RBAC_auth return token_info @@ -768,3 +768,27 @@ class Authenticator: else: self.tokens_cache.clear() self.msg.write("admin", "revoke_token", {"_id": token} if token else None) + + def check_password_expiry(self, outdata): + """ + This method will check for password expiry of the user + :param outdata: user token information + """ + user_content = None + detail = {} + present_time = time() + user = outdata["username"] + if self.config["authentication"].get("pwd_expiry_check"): + user_content = self.db.get_list("users", {"username": user})[0] + if not user_content.get("username") == "admin": + user_content["_admin"]["modified_time"] = present_time + if user_content.get("_admin").get("expire_time"): + expire_time = user_content["_admin"]["expire_time"] + else: + expire_time = present_time + uid = user_content["_id"] + self.db.set_one("users", {"_id": uid}, user_content) + if not present_time < expire_time: + return True + else: + pass