X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fauth.py;h=6cbfe685732d3fba9ac46f3eff42854dc231bac7;hp=7cbc4049bedcb807681edd412fd2650cd3cde242;hb=7ddb0732d05743a56ee3376446f76be8fa73d3ad;hpb=c23a9bbe927c3fc91fc56341695e61d0e02ca0c1 diff --git a/osm_nbi/auth.py b/osm_nbi/auth.py index 7cbc404..6cbfe68 100644 --- a/osm_nbi/auth.py +++ b/osm_nbi/auth.py @@ -42,6 +42,7 @@ from os import path from osm_nbi.authconn import AuthException, AuthconnException, AuthExceptionUnauthorized from osm_nbi.authconn_keystone import AuthconnKeystone from osm_nbi.authconn_internal import AuthconnInternal +from osm_nbi.authconn_tacacs import AuthconnTacacs from osm_common import dbmemory, dbmongo, msglocal, msgkafka from osm_common.dbbase import DbException from osm_nbi.validation import is_valid_uuid @@ -119,7 +120,10 @@ class Authenticator: self.backend = AuthconnKeystone(self.config["authentication"], self.db, self.role_permissions) elif config["authentication"]["backend"] == "internal": self.backend = AuthconnInternal(self.config["authentication"], self.db, self.role_permissions) - self._internal_tokens_prune() + self._internal_tokens_prune("tokens") + elif config["authentication"]["backend"] == "tacacs": + self.backend = AuthconnTacacs(self.config["authentication"], self.db, self.role_permissions) + self._internal_tokens_prune("tokens_tacacs") else: raise AuthException("Unknown authentication backend: {}" .format(config["authentication"]["backend"])) @@ -591,10 +595,10 @@ class Authenticator: raise AuthException("needed admin privileges", http_code=HTTPStatus.UNAUTHORIZED) return token_value - def _internal_tokens_prune(self, now=None): + def _internal_tokens_prune(self, token_collection, now=None): now = now or time() if not self.next_db_prune_time or self.next_db_prune_time >= now: - self.db.del_list("tokens", {"expires.lt": now}) + self.db.del_list(token_collection, {"expires.lt": now}) self.next_db_prune_time = self.periodin_db_pruning + now # self.tokens_cache.clear() # not required any more