Flussonic Watcher Documentation

Contents

Backend for user authorization

Users must be pre-configured according to the new Watcher structure

How it works:

  • An operator needs to realize the HTTP request handler, that has the logic to authenticate users.
  • The operator enters the path to the Flussonic Watcher authentication backend (Settings — Authentication backend).
  • A user logs into Flussonic Watcher using login/password.
  • Watcher transfers this data to the backend operator in a request payload.
  • Backend checks the incoming data.
  • If the user can be authenticated, the system returns the 200 HTTP code.
  • If the authentication data is incorrect, it returns the 403 HTTP code.
  • If the user is not found, the system gives 404.
  • If the authentication backed was out of reach or send the response less than 2 seconds. The user check if being done in the Watcher’s database.
    • import falcon, json

class AuthResource:
  def on_get(self, req, resp):
    print "GET %r\n%r" % (req.uri, req.params)
    login = req.params.get('login', None)
    password = req.params.get('password', None)
    if not login or not password:
      print 'incorrect request login: %r, pass: %r' % (login, password)
      resp.status = falcon.HTTP_400
      return

    if login == 'user0':
      if password == 'letmein':
        return
      resp.status = falcon.HTTP_403
      return

    if login == 'user1':
      if password == 'letmein':
        return
      resp.status = falcon.HTTP_403
      return

    resp.status = falcon.HTTP_404

app = falcon.API()
ad = AuthResource()

app.add_route('/auth', ad)

    Examples

    A user can get through:

    curl -vvv http://localhost:8001/auth\?login\=user0\&password\=letmein

*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8001 (#0)
> GET /auth?login=user0&password=letmein HTTP/1.1
> Host: localhost:8001
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: gunicorn/19.7.0
< Date: Mon, 20 Mar 2017 10:16:21 GMT
< Connection: close
< content-length: 0
< content-type: application/json; charset=UTF-8
<
* Closing connection 0

    A user can’t get through:

    curl -vvv http://localhost:8001/auth\?login\=user0\&password\=wrong

*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8001 (#0)
> GET /auth?login=user0&password=wrong HTTP/1.1
> Host: localhost:8001
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Server: gunicorn/19.7.0
< Date: Mon, 20 Mar 2017 10:16:27 GMT
< Connection: close
< content-length: 0
< content-type: application/json; charset=UTF-8
<
* Closing connection 0

    A user is not found:

    curl -vvv http://localhost:8001/auth\?login\=user10\&password\=wrong

*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8001 (#0)
> GET /auth?login=user10&password=wrong HTTP/1.1
> Host: localhost:8001
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Server: gunicorn/19.7.0
< Date: Mon, 20 Mar 2017 10:20:04 GMT
< Connection: close
< content-length: 0
< content-type: application/json; charset=UTF-8
<
* Closing connection 0