appenlight Files · backend/src/appenlight/lib/api.py

setup: change url to github

ergo - - Load All Authors

File last commit:

r153:32f4b641


                r196:472d1df0

master

Download file

             api.py
        
                    80 lines
            
             | 3.0 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / backend / src / appenlight / lib / api.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # -*- coding: utf-8 -*-

      # Copyright 2010 - 2017 RhodeCode GmbH and the AppEnlight project authors

      #

      # Licensed under the Apache License, Version 2.0 (the "License");

      # you may not use this file except in compliance with the License.

      # You may obtain a copy of the License at

      #

      #   http://www.apache.org/licenses/LICENSE-2.0

      #

      # Unless required by applicable law or agreed to in writing, software

      # distributed under the License is distributed on an "AS IS" BASIS,

      # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

      # See the License for the specific language governing permissions and

      # limitations under the License.

      import datetime

      import logging

      from pyramid.httpexceptions import HTTPForbidden, HTTPTooManyRequests

      from appenlight.models.services.config import ConfigService

      from appenlight.lib.redis_keys import REDIS_KEYS

      log = logging.getLogger(__name__)

      def rate_limiting(request, resource, section, to_increment=1):

          tsample = datetime.datetime.utcnow().replace(second=0, microsecond=0)

          key = REDIS_KEYS["rate_limits"][section].format(tsample, resource.resource_id)

          redis_pipeline = request.registry.redis_conn.pipeline()

          redis_pipeline.incr(key, to_increment)

          redis_pipeline.expire(key, 3600 * 24)

          results = redis_pipeline.execute()

          current_count = results[0]

          config = ConfigService.by_key_and_section(section, "global")

          limit = config.value if config else 1000

          if current_count > int(limit):

              log.info("RATE LIMITING: {}: {}, {}".format(section, resource, current_count))

              abort_msg = "Rate limits are in effect for this application"

              raise HTTPTooManyRequests(abort_msg, headers={"X-AppEnlight": abort_msg})

      def check_cors(request, application, should_return=True):

          """

          Performs a check and validation if request comes from authorized domain for

          application, otherwise return 403

          """

          origin_found = False

          origin = request.headers.get("Origin")

          if should_return:

              log.info("CORS for %s" % origin)

          if not origin:

              return False

          for domain in application.domains.split("\n"):

              if domain in origin:

                  origin_found = True

          if origin_found:

              request.response.headers.add("Access-Control-Allow-Origin", origin)

              request.response.headers.add("XDomainRequestAllowed", "1")

              request.response.headers.add(

                  "Access-Control-Allow-Methods", "GET, POST, OPTIONS"

              )

              request.response.headers.add(

                  "Access-Control-Allow-Headers",

                  "Accept-Encoding, Accept-Language, "

                  "Content-Type, "

                  "Depth, User-Agent, X-File-Size, "

                  "X-Requested-With, If-Modified-Since, "

                  "X-File-Name, "

                  "Cache-Control, Host, Pragma, Accept, "

                  "Origin, Connection, "

                  "Referer, Cookie, "

                  "X-appenlight-public-api-key, "

                  "x-appenlight-public-api-key",

              )

              request.response.headers.add("Access-Control-Max-Age", "86400")

              return request.response

          else:

              return HTTPForbidden()

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# -- coding: utf-8 --

				# Copyright 2010 - 2017 RhodeCode GmbH and the AppEnlight project authors
				#
				# Licensed under the Apache License, Version 2.0 (the "License");
				# you may not use this file except in compliance with the License.
				# You may obtain a copy of the License at
				#
				# http://www.apache.org/licenses/LICENSE-2.0
				#
				# Unless required by applicable law or agreed to in writing, software
				# distributed under the License is distributed on an "AS IS" BASIS,
				# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				# See the License for the specific language governing permissions and
				# limitations under the License.

				import datetime
				import logging

				from pyramid.httpexceptions import HTTPForbidden, HTTPTooManyRequests

				from appenlight.models.services.config import ConfigService
				from appenlight.lib.redis_keys import REDIS_KEYS

				log = logging.getLogger(__name__)


				def rate_limiting(request, resource, section, to_increment=1):
				tsample = datetime.datetime.utcnow().replace(second=0, microsecond=0)
				key = REDIS_KEYS["rate_limits"][section].format(tsample, resource.resource_id)
				redis_pipeline = request.registry.redis_conn.pipeline()
				redis_pipeline.incr(key, to_increment)
				redis_pipeline.expire(key, 3600 * 24)
				results = redis_pipeline.execute()
				current_count = results[0]
				config = ConfigService.by_key_and_section(section, "global")
				limit = config.value if config else 1000
				if current_count > int(limit):
				log.info("RATE LIMITING: {}: {}, {}".format(section, resource, current_count))
				abort_msg = "Rate limits are in effect for this application"
				raise HTTPTooManyRequests(abort_msg, headers={"X-AppEnlight": abort_msg})


				def check_cors(request, application, should_return=True):
				"""
				Performs a check and validation if request comes from authorized domain for
				application, otherwise return 403
				"""
				origin_found = False
				origin = request.headers.get("Origin")
				if should_return:
				log.info("CORS for %s" % origin)
				if not origin:
				return False
				for domain in application.domains.split("\n"):
				if domain in origin:
				origin_found = True
				if origin_found:
				request.response.headers.add("Access-Control-Allow-Origin", origin)
				request.response.headers.add("XDomainRequestAllowed", "1")
				request.response.headers.add(
				"Access-Control-Allow-Methods", "GET, POST, OPTIONS"
				)
				request.response.headers.add(
				"Access-Control-Allow-Headers",
				"Accept-Encoding, Accept-Language, "
				"Content-Type, "
				"Depth, User-Agent, X-File-Size, "
				"X-Requested-With, If-Modified-Since, "
				"X-File-Name, "
				"Cache-Control, Host, Pragma, Accept, "
				"Origin, Connection, "
				"Referer, Cookie, "
				"X-appenlight-public-api-key, "
				"x-appenlight-public-api-key",
				)
				request.response.headers.add("Access-Control-Max-Age", "86400")
				return request.response
				else:
				return HTTPForbidden()