Loading web/advanced_api.py +9 −9 Original line number Diff line number Diff line Loading @@ -56,18 +56,22 @@ class Advanced_API(API): ############# # Decorator # ############# def getAuth(): method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) # Adding and removing space to ensure decent split name, key = (':'+auth.strip()).rsplit(":", 1) name = name[1:] # Adding and removing colon to ensure decent split return method, name, key def authErrors(): # Check auth if not request.headers.get('Authorization'): return ({'status': 'error', 'reason': 'Authentication needed'}, 401) method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) # Adding and removing space to ensure decent split method, name, token = Advanced_API.getAuth() data = None if method.lower() not in ['basic', 'token']: data = ({'status': 'error', 'reason': 'Authorization method not allowed'}, 400) else: try: name, token = (':'+auth.strip()).rsplit(":", 1) name = name[1:] # Adding and removing colon to ensure decent split if method.lower() == 'basic': authenticator = AuthenticationHandler() if not authenticator.validateUser(name, token): data = ({'status': 'error', 'reason': 'Authentication failed'}, 401) Loading Loading @@ -145,16 +149,12 @@ class Advanced_API(API): @token_required # Of course only the login credentials would work def api_admin_get_token(self): method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) name, token = (':'+auth.strip()).rsplit(":", 1) name = name[1:] method, name, key = Advanced_API.getAuth() return db.getToken(name) @token_required def api_admin_generate_token(self): method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) name, token = (':'+auth.strip()).rsplit(":", 1) name = name[1:] method, name, key = Advanced_API.getAuth() return db.generateToken(name) @token_required Loading Loading
web/advanced_api.py +9 −9 Original line number Diff line number Diff line Loading @@ -56,18 +56,22 @@ class Advanced_API(API): ############# # Decorator # ############# def getAuth(): method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) # Adding and removing space to ensure decent split name, key = (':'+auth.strip()).rsplit(":", 1) name = name[1:] # Adding and removing colon to ensure decent split return method, name, key def authErrors(): # Check auth if not request.headers.get('Authorization'): return ({'status': 'error', 'reason': 'Authentication needed'}, 401) method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) # Adding and removing space to ensure decent split method, name, token = Advanced_API.getAuth() data = None if method.lower() not in ['basic', 'token']: data = ({'status': 'error', 'reason': 'Authorization method not allowed'}, 400) else: try: name, token = (':'+auth.strip()).rsplit(":", 1) name = name[1:] # Adding and removing colon to ensure decent split if method.lower() == 'basic': authenticator = AuthenticationHandler() if not authenticator.validateUser(name, token): data = ({'status': 'error', 'reason': 'Authentication failed'}, 401) Loading Loading @@ -145,16 +149,12 @@ class Advanced_API(API): @token_required # Of course only the login credentials would work def api_admin_get_token(self): method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) name, token = (':'+auth.strip()).rsplit(":", 1) name = name[1:] method, name, key = Advanced_API.getAuth() return db.getToken(name) @token_required def api_admin_generate_token(self): method, auth = (request.headers.get('Authorization')+" ").split(" ", 1) name, token = (':'+auth.strip()).rsplit(":", 1) name = name[1:] method, name, key = Advanced_API.getAuth() return db.generateToken(name) @token_required Loading
