Show More
@@ -128,6 +128,8 b' class JSONRPCController(WSGIController):' | |||||
128 | #check if we can find this session using api_key |
|
128 | # check if we can find this session using api_key | |
129 | try: |
|
129 | try: | |
130 | u = User.get_by_api_key(self._req_api_key) |
|
130 | u = User.get_by_api_key(self._req_api_key) | |
|
131 | if u is None: | |||
|
132 | return jsonrpc_error(message='Invalid API KEY') | |||
131 | auth_u = AuthUser(u.user_id, self._req_api_key) |
|
133 | auth_u = AuthUser(u.user_id, self._req_api_key) | |
132 | except Exception, e: |
|
134 | except Exception, e: | |
133 | return jsonrpc_error(message='Invalid API KEY') |
|
135 | return jsonrpc_error(message='Invalid API KEY') |
@@ -324,7 +324,7 b' class User(Base, BaseModel):' | |||||
324 | if cache: |
|
324 | if cache: | |
325 | q = q.options(FromCache("sql_cache_short", |
|
325 | q = q.options(FromCache("sql_cache_short", | |
326 | "get_api_key_%s" % api_key)) |
|
326 | "get_api_key_%s" % api_key)) | |
327 |
q. |
|
327 | return q.scalar() | |
328 |
|
328 | |||
329 | def update_lastlogin(self): |
|
329 | def update_lastlogin(self): | |
330 | """Update user lastlogin""" |
|
330 | """Update user lastlogin""" |
@@ -70,13 +70,7 b' class UserModel(BaseModel):' | |||||
70 | return user.scalar() |
|
70 | return user.scalar() | |
71 |
|
71 | |||
72 | def get_by_api_key(self, api_key, cache=False): |
|
72 | def get_by_api_key(self, api_key, cache=False): | |
73 |
|
73 | return User.get_by_api_key(api_key, cache) | ||
74 | user = self.sa.query(User)\ |
|
|||
75 | .filter(User.api_key == api_key) |
|
|||
76 | if cache: |
|
|||
77 | user = user.options(FromCache("sql_cache_short", |
|
|||
78 | "get_user_%s" % api_key)) |
|
|||
79 | return user.scalar() |
|
|||
80 |
|
74 | |||
81 | def create(self, form_data): |
|
75 | def create(self, form_data): | |
82 | try: |
|
76 | try: |
@@ -247,7 +247,6 b' class TestLoginController(TestController' | |||||
247 | # GOOD KEY |
|
247 | # GOOD KEY | |
248 |
|
248 | |||
249 | key = User.get_by_username(username).api_key |
|
249 | key = User.get_by_username(username).api_key | |
250 |
|
||||
251 | response = self.app.get(url(controller='login', |
|
250 | response = self.app.get(url(controller='login', | |
252 | action='password_reset_confirmation', |
|
251 | action='password_reset_confirmation', | |
253 | key=key)) |
|
252 | key=key)) |
General Comments 0
You need to be logged in to leave comments.
Login now