Session.verify - Python API

Verifies that a session pointed to by a UST from target_ust exists and has not expired. Only super-users are allowed to invoke this API.

The call never fails and if any exception is encountered, it is logged and False is returned on output.

API

self.sso.user.session.verify

verify(self, cid, target_ust, current_ust, current_app, remote_addr)

Creates a new super-user.

Parameters:
  • cid (string) – Correlation ID used by audit log
  • target_ust (string) – UST of the session to verify
  • current_ust (string) – Current user’s UST (must belong to a super-user)
  • current_app (string) – Name of application the current user is issuing the call from
  • remote_addr (string) – Current user’s remote address
Return type:

exists - A boolean flag indicating whether input target_ust exists and has not expired

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# -*- coding: utf-8 -*-

from __future__ import absolute_import, division, print_function, unicode_literals

# Zato
from zato.server.service import Service

class VerifySession(Service):
    def handle(self):

        # Current user's data
        username = 'admin1'
        password = 'abxqDJpXMVXYEO8NOGx9nVZvv4xSew9-'
        current_app = 'CRM'
        remote_addr = '127.0.0.1'
        user_agent = 'Firefox 139.0'

        # Log in current user
        session = self.sso.user.login(username, password, current_app, remote_addr, user_agent)

        # Get current UST
        ust = session.ust

        # Another UST to check
        target_ust = 'gAAAAABaqSjEHUpNOhz9EO2GB_tYTjhG...'

        # Check if target UST exists
        exists = self.sso.user.session.verify(self.cid, target_ust, ust, current_app, remote_addr)

        # Log result
        self.logger.info('Exists: %s', exists)
1
INFO - Exists: False