backend.globaleaks.handlers.authentication

Module Contents

Classes

AuthenticationHandler Login handler for admins and recipents and custodians
TokenAuthHandler Login handler for token based authentication
ReceiptAuthHandler Receipt handler used by whistleblowers
SessionHandler Session handler for authenticated users
TenantAuthSwitchHandler Login handler for switching tenant

Functions

login_delay() The function in case of failed_login_attempts introduces
login_whistleblower(session, tid, receipt) Login transaction for whistleblowers’ access
login(session, tid, username, password, authcode, client_using_tor, client_ip) Login transaction for users’ access
backend.globaleaks.handlers.authentication.login_delay()[source]

The function in case of failed_login_attempts introduces an exponential increasing delay between 0 and 42 seconds

the function implements the following table:
failed_attempts | delay |
x < 5 | 0 |
5 | random(5, 25) |
6 | random(6, 36) |
7 | random(7, 42) |
8 <= x <= 42 | random(x, 42) |
x > 42 | 42 | ———————————-
backend.globaleaks.handlers.authentication.login_whistleblower(session, tid, receipt)[source]

Login transaction for whistleblowers’ access

Parameters:
  • session – An ORM session
  • tid – A tenant ID
  • receipt – A provided receipt
Returns:

Returns a user session in case of success

backend.globaleaks.handlers.authentication.login(session, tid, username, password, authcode, client_using_tor, client_ip)[source]

Login transaction for users’ access

Parameters:
  • session – An ORM session
  • tid – A tenant ID
  • username – A provided username
  • password – A provided password
  • authcode – A provided authcode
  • client_using_tor – A boolean signaling Tor usage
  • client_ip – The client IP
Returns:

Returns a user session in case of success

class backend.globaleaks.handlers.authentication.AuthenticationHandler[source]

Bases: globaleaks.handlers.base.BaseHandler

Login handler for admins and recipents and custodians

check_roles = none[source]
uniform_answer_time = True[source]
post(self)[source]
class backend.globaleaks.handlers.authentication.TokenAuthHandler[source]

Bases: globaleaks.handlers.base.BaseHandler

Login handler for token based authentication

check_roles = none[source]
uniform_answer_time = True[source]
post(self)[source]
class backend.globaleaks.handlers.authentication.ReceiptAuthHandler[source]

Bases: globaleaks.handlers.base.BaseHandler

Receipt handler used by whistleblowers

check_roles = none[source]
uniform_answer_time = True[source]
post(self)[source]
class backend.globaleaks.handlers.authentication.SessionHandler[source]

Bases: globaleaks.handlers.base.BaseHandler

Session handler for authenticated users

check_roles[source]
get(self)[source]

Refresh and retrive session

delete(self)[source]

Logout

class backend.globaleaks.handlers.authentication.TenantAuthSwitchHandler[source]

Bases: globaleaks.handlers.base.BaseHandler

Login handler for switching tenant

check_roles = admin[source]
get(self, tid)[source]