##// END OF EJS Templates
fix for api key lookup, reuse same function in user model
marcink -
r1693:60249224 beta
parent child Browse files
Show More
@@ -114,7 +114,7 b' class JSONRPCController(WSGIController):'
114 114 return jsonrpc_error(message="JSON parse error ERR:%s RAW:%r" \
115 115 % (e, urllib.unquote_plus(raw_body)))
116 116
117 #check AUTH based on API KEY
117 # check AUTH based on API KEY
118 118 try:
119 119 self._req_api_key = json_body['api_key']
120 120 self._req_method = json_body['method']
@@ -125,9 +125,11 b' class JSONRPCController(WSGIController):'
125 125 except KeyError, e:
126 126 return jsonrpc_error(message='Incorrect JSON query missing %s' % e)
127 127
128 #check if we can find this session using api_key
128 # check if we can find this session using api_key
129 129 try:
130 130 u = User.get_by_api_key(self._req_api_key)
131 if u is None:
132 return jsonrpc_error(message='Invalid API KEY')
131 133 auth_u = AuthUser(u.user_id, self._req_api_key)
132 134 except Exception, e:
133 135 return jsonrpc_error(message='Invalid API KEY')
@@ -324,7 +324,7 b' class User(Base, BaseModel):'
324 324 if cache:
325 325 q = q.options(FromCache("sql_cache_short",
326 326 "get_api_key_%s" % api_key))
327 q.one()
327 return q.scalar()
328 328
329 329 def update_lastlogin(self):
330 330 """Update user lastlogin"""
@@ -70,13 +70,7 b' class UserModel(BaseModel):'
70 70 return user.scalar()
71 71
72 72 def get_by_api_key(self, api_key, cache=False):
73
74 user = self.sa.query(User)\
75 .filter(User.api_key == api_key)
76 if cache:
77 user = user.options(FromCache("sql_cache_short",
78 "get_user_%s" % api_key))
79 return user.scalar()
73 return User.get_by_api_key(api_key, cache)
80 74
81 75 def create(self, form_data):
82 76 try:
@@ -247,7 +247,6 b' class TestLoginController(TestController'
247 247 # GOOD KEY
248 248
249 249 key = User.get_by_username(username).api_key
250
251 250 response = self.app.get(url(controller='login',
252 251 action='password_reset_confirmation',
253 252 key=key))
General Comments 0
You need to be logged in to leave comments. Login now