In my rails application I have 2 users with 2 different API tokens, I need to switch back to user2 token seamlessly on application startup?
config/tokens.yml
development: &development
# token belongs to user1
api_token: 'token1'
# token belongs to user2
# api_token: 'token2'
protocol: 'http'
host: 'localhost'
port: '3000'
How should I modify yaml file, so that selection between these users can be done easily.
You can do something like
api_users: user1,user2
api_tokens: token1,token2
Then when parsing the YAML, assuming the hash is stored in the tokens variable
def token_for_user(user)
users = tokens[:api_users].split(",")
tokens = tokens[:api_tokens].split(",")
tokens[users.index(user)]
end
token_for_user("user1")
# => token1
Related
I want to implement Google's One tap sign-up and automatic sign-in in my website with the help of documentation https://developers.google.com/identity/one-tap/web/ but I am getting confused on how to implement in python.
def smartlock(request):
try:
CLIENT_ID='*******'
csrf_token_cookie = self.request.cookies.get('g_csrf_token')
if not csrf_token_cookie:
webapp2.abort(400, 'No CSRF token in Cookie.')
csrf_token_body = self.request.get('g_csrf_token')
if not csrf_token_body:
webapp2.abort(400, 'No CSRF token in post body.')
if csrf_token_cookie != csrf_token_body:
webapp2.abort(400, 'Failed to verify double submit cookie.')
# Specify the CLIENT_ID of the app that accesses the backend:
idinfo = id_token.verify_oauth2_token(csrf_token_cookie, requests.Request(), CLIENT_ID)
# Or, if multiple clients access the backend server:
# idinfo = id_token.verify_oauth2_token(token, requests.Request())
# if idinfo['aud'] not in [CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3]:
# raise ValueError('Could not verify audience.')
if idinfo['iss'] not in ['accounts.google.com', 'https://accounts.google.com']:
raise ValueError('Wrong issuer.')
# If auth request is from a G Suite domain:
# if idinfo['hd'] != GSUITE_DOMAIN_NAME:
# raise ValueError('Wrong hosted domain.')
# ID token is valid. Get the user's Google Account ID from the decoded token.
userid = idinfo['sub']
except ValueError:
# Invalid token
pass
'''
As mentioned in the 'Key Point' section of this page: The ID token is returned in the credential field, instead of the g_csrf_token field.
So, you need to get the idinfo with the code as below:
credential = self.request.get('credential')
idinfo = id_token.verify_oauth2_token(credential, requests.Request(), CLIENT_ID)
The g_csrf_token parameter is for different purpose. It makes sure the request was submitted from a page in your own domain, so as to prevent the cross-site-request-forge attacks.
I've install FR3LdapBundle & FOSUserBundle with Symfony3 successfully as per my blog, and I'm able to authenticate against this test LDAP server; but now I'm trying to authenticate against our internal Active Directory Server.
Here is the change in config (I have obsfucated the config information on purpose):
fr3d_ldap:
driver:
host: somehost
username: administrateur
password: somepass
port: 389
accountDomainName: somedom.local
accountDomainNameShort: somedom
user:
usernameAttribute: administrateur
baseDn: ou=utilisateurs,dc=somedom,dc=local
attributes:
- { ldap_attr: administrateur, user_method: setUsername }
- { ldap_attr: mail, user_method: setEmail }
filter: (&(ObjectClass=person))
The above is the only change I made. In my DEV logs, when I log in I get these important messages:
[2017-05-09 15:56:54] ldap_driver.DEBUG: ldap_search(ou=utilisateurs,dc=somedom,dc=local, (&(&(ObjectClass=person)) (sAMAccountName=somedom\5cadministrateur)), [array]) {"action":"ldap_search","base_dn":"ou=utilisateurs,dc=somedom,dc=local","filter":"(&(&(ObjectClass=person))(sAMAccountName=somedom\\5cadministrateur))","attributes":[]} []
[2017-05-09 15:56:54] security.INFO: User somedom\administrateur not found on LDAP {"action":"loadUserByUsername","username":"somedom\\administrateur","result":"not found"} []
So I wonder if I need a special config?
Login as:
administrateur
instead, in the log it shows you are trying to login as "somedom\administrateur", but you don't need to add the domain.
I think that's the problem. Can you try it and if it doesn't work, I'll get you to try something else.
EDIT #2
I also see you have this set in your config.yml code:
attributes:
- { ldap_attr: administrateur, user_method: setUsername }
But instead should be:
attributes:
- { ldap_attr: samaccountname, user_method: setUsername }
Then if you use the LDAP browser, verify that the user exists in the baseDn you specified, and look for the attribute sAMAccountName and this is the user string you should enter in the login name field.
All,
I am trying to use cache to avoid request over http when the request is made for a specific area.
For example, your are in Los Angeles and 3 persons around you ( appx 1miles) make a google search about gas station nearby.
Instead of requesting each time, it's faster to allow people who are close to you and making the same search to get the result already cached.
In a previous method, I am caching using Redis and build a key using the parameters but to re-use it, you need an exact match as the key created was based on "gas_station__"
def set_cache key, val
return if blank?( key ) || blank?( val )
connection.set key, val
connection.expire key, EXPIRY
end
def get_cache key
connection.get( key ) if present?( key )
end
now I have used the Ruby Gem geocode api and when giving a coordinate and distance, it give me back a range of lat/lon
Geocoder::Calculations.bounding_box(location, distance)
and using the api below:
def isLocationInRange(location, area)
if location[0].between?(area[0], area[2]) && location[1].between?(area[1], area[3])
return true
end
false
end
I am able to know if the location gave in isLocationInRange is inside the "area"
the issue now is to connect this logic to Redis and use it to re-use the cache.
the best should be to generate a Redis key and look for it but it's not easy as I do not want to parse each key stored and check one by one the lat/lon params defined to see if that match an already known range of location.
Gemfile
gem 'redis'
Run bundle install
config/redis.yml
default: &default
host: localhost
port: 6379
db: 15
development:
<<: *default
test:
<<: *default
production:
<<: *default
config/initializers/redis.rb
redis_config = HashWithIndifferentAccess.new(Rails.application.config_for(:redis))
REDIS = Redis.new(host: redis_config[:host], port: redis_config[:port], db: redis_config[:db])
Now REDIS variable is available throughout your application since initializer files are loaded on app load.
REDIS.set("gas_station__#{some_location}", latitude_values here)
REDIS.get("gas_station_#{some_location}")
References: https://github.com/redis/redis-rb
I cannot get an app to find the generated token of another app. Both apps (App1 and App2) live in an umbrella, and share the same config and secret-key.
I have my user authentication set up in sessions, the Guardian token is found through:
plug Guardian.Plug.VerifySession
plug Guardian.Plug.LoadResource
The token is found in the generating app "App1". However, when I implement the same Guardian config with the same secret-key in "App2", App2 cannot find the token generated by App1.
My config:
config :guardian, Guardian,
allowed_algos: ["HS512"],
verify_module: Guardian.JWT,
issuer: "Umbrella",
ttl: { 1, :days },
allowed_drift: 2000,
verify_issuer: true,
secret_key: "theonesecretkey",
serializer: Umbrella.App2.GuardianSerializer
App2 serializer is replaced by App1 serializer in App1.
(I am using the current Guardian, 0.14; together with Phoenix 1.2.1.)
Edit: Furthermore, App1 and App2 are supposed to run on different servers later on.
How can I get App2 to detect and use the token generated by App1?
Which (additional) parts do I need to connect, so that it works?
In a Rails 3.2 app I have a facebook.yml, twitter.yml, etc containing relevant tokens for development, production, staging environments.
I then have methods such as
CONFIG = YAML.load_file(Rails.root.join("config/facebook.yml"))[Rails.env]
FB_APP_ID = CONFIG['app_id']
FB_SECRET = CONFIG['secret_key']
FB_NAMESPACE = CONFIG['name_space']
How and where should I set up these methods so that I can access FB_APP_ID from anywhere else in my app: controllers, models, views, etc?
Is this where modules come in?
Thanks
In the end I created a config.yml file
development:
facebook:
app_id: #####
secret: ###
twitter:
--
production:
---
etc
Added initializers/config.rb
CONFIG = YAML.load_file(Rails.root.join("config/config.yml"))[Rails.env]
module Facebook
APP_ID = FB_CONFIG["facebook"]['app_id']
SECRET = FB_CONFIG["facebook"]['secret']
end
module Twitter
--
end
Now I can access these values anywhere using
Facebook::APP_ID
Not sure if this is the best approach, but its working for now.