appenlight Files · backend/src/appenlight/lib/api.py

ini: added new key

ergo - - Load All Authors

File last commit:

r112:998f0d14


                r129:489ce37b

Download file

             api.py
        
                    81 lines
            
             | 3.4 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / backend / src / appenlight / lib / api.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # -*- coding: utf-8 -*-

      # Copyright 2010 - 2017 RhodeCode GmbH and the AppEnlight project authors

      #

      # Licensed under the Apache License, Version 2.0 (the "License");

      # you may not use this file except in compliance with the License.

      # You may obtain a copy of the License at

      #

      #   http://www.apache.org/licenses/LICENSE-2.0

      #

      # Unless required by applicable law or agreed to in writing, software

      # distributed under the License is distributed on an "AS IS" BASIS,

      # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

      # See the License for the specific language governing permissions and

      # limitations under the License.

      import datetime

      import logging

      from pyramid.httpexceptions import HTTPForbidden, HTTPTooManyRequests

      from appenlight.models import Datastores

      from appenlight.models.services.config import ConfigService

      from appenlight.lib.redis_keys import REDIS_KEYS

      log = logging.getLogger(__name__)

      def rate_limiting(request, resource, section, to_increment=1):

          tsample = datetime.datetime.utcnow().replace(second=0, microsecond=0)

          key = REDIS_KEYS['rate_limits'][section].format(tsample,

                                                          resource.resource_id)

          redis_pipeline = request.registry.redis_conn.pipeline()

          redis_pipeline.incr(key, to_increment)

          redis_pipeline.expire(key, 3600 * 24)

          results = redis_pipeline.execute()

          current_count = results[0]

          config = ConfigService.by_key_and_section(section, 'global')

          limit = config.value if config else 1000

          if current_count > int(limit):

              log.info('RATE LIMITING: {}: {}, {}'.format(

                  section, resource, current_count))

              abort_msg = 'Rate limits are in effect for this application'

              raise HTTPTooManyRequests(abort_msg,

                                        headers={'X-AppEnlight': abort_msg})

      def check_cors(request, application, should_return=True):

          """

          Performs a check and validation if request comes from authorized domain for

          application, otherwise return 403

          """

          origin_found = False

          origin = request.headers.get('Origin')

          if should_return:

              log.info('CORS for %s' % origin)

          if not origin:

              return False

          for domain in application.domains.split('\n'):

              if domain in origin:

                  origin_found = True

          if origin_found:

              request.response.headers.add('Access-Control-Allow-Origin', origin)

              request.response.headers.add('XDomainRequestAllowed', '1')

              request.response.headers.add('Access-Control-Allow-Methods',

                                           'GET, POST, OPTIONS')

              request.response.headers.add('Access-Control-Allow-Headers',

                                           'Accept-Encoding, Accept-Language, '

                                           'Content-Type, '

                                           'Depth, User-Agent, X-File-Size, '

                                           'X-Requested-With, If-Modified-Since, '

                                           'X-File-Name, '

                                           'Cache-Control, Host, Pragma, Accept, '

                                           'Origin, Connection, '

                                           'Referer, Cookie, '

                                           'X-appenlight-public-api-key, '

                                           'x-appenlight-public-api-key')

              request.response.headers.add('Access-Control-Max-Age', '86400')

              return request.response

          else:

              return HTTPForbidden()

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# -- coding: utf-8 --

				# Copyright 2010 - 2017 RhodeCode GmbH and the AppEnlight project authors
				#
				# Licensed under the Apache License, Version 2.0 (the "License");
				# you may not use this file except in compliance with the License.
				# You may obtain a copy of the License at
				#
				# http://www.apache.org/licenses/LICENSE-2.0
				#
				# Unless required by applicable law or agreed to in writing, software
				# distributed under the License is distributed on an "AS IS" BASIS,
				# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				# See the License for the specific language governing permissions and
				# limitations under the License.

				import datetime
				import logging

				from pyramid.httpexceptions import HTTPForbidden, HTTPTooManyRequests

				from appenlight.models import Datastores
				from appenlight.models.services.config import ConfigService
				from appenlight.lib.redis_keys import REDIS_KEYS

				log = logging.getLogger(__name__)


				def rate_limiting(request, resource, section, to_increment=1):
				tsample = datetime.datetime.utcnow().replace(second=0, microsecond=0)
				key = REDIS_KEYS['rate_limits'][section].format(tsample,
				resource.resource_id)
				redis_pipeline = request.registry.redis_conn.pipeline()
				redis_pipeline.incr(key, to_increment)
				redis_pipeline.expire(key, 3600 * 24)
				results = redis_pipeline.execute()
				current_count = results[0]
				config = ConfigService.by_key_and_section(section, 'global')
				limit = config.value if config else 1000
				if current_count > int(limit):
				log.info('RATE LIMITING: {}: {}, {}'.format(
				section, resource, current_count))
				abort_msg = 'Rate limits are in effect for this application'
				raise HTTPTooManyRequests(abort_msg,
				headers={'X-AppEnlight': abort_msg})


				def check_cors(request, application, should_return=True):
				"""
				Performs a check and validation if request comes from authorized domain for
				application, otherwise return 403
				"""
				origin_found = False
				origin = request.headers.get('Origin')
				if should_return:
				log.info('CORS for %s' % origin)
				if not origin:
				return False
				for domain in application.domains.split('\n'):
				if domain in origin:
				origin_found = True
				if origin_found:
				request.response.headers.add('Access-Control-Allow-Origin', origin)
				request.response.headers.add('XDomainRequestAllowed', '1')
				request.response.headers.add('Access-Control-Allow-Methods',
				'GET, POST, OPTIONS')
				request.response.headers.add('Access-Control-Allow-Headers',
				'Accept-Encoding, Accept-Language, '
				'Content-Type, '
				'Depth, User-Agent, X-File-Size, '
				'X-Requested-With, If-Modified-Since, '
				'X-File-Name, '
				'Cache-Control, Host, Pragma, Accept, '
				'Origin, Connection, '
				'Referer, Cookie, '
				'X-appenlight-public-api-key, '
				'x-appenlight-public-api-key')
				request.response.headers.add('Access-Control-Max-Age', '86400')
				return request.response
				else:
				return HTTPForbidden()