Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
La Quadrature du Net
piphone
piphone-sip
Commits
2291f71d
Commit
2291f71d
authored
Apr 13, 2016
by
okhin
Browse files
Authentication decorator is working
parent
eff37091
Pipeline
#8
skipped
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
app.py
0 → 100644
View file @
2291f71d
#!/usr/bin/env python
import
sqlite3
from
bottle
import
route
,
run
,
request
,
abort
,
install
,
get
,
post
from
bottle_sqlite
import
SQLitePlugin
import
jwt
install
(
SQLitePlugin
(
dbfile
=
'call.db'
))
# We need a decorator to check if our query is authenticated.
# We will store an API key and SECRET in ur database, the client
# needs to have both of them.
# He must then send us a JWT token with an API claim in the payload.
# The JWT token must be encoded and signed with the SECRET. If the
# token is bad, we return a 403.
def
authenticated
(
f
):
def
wrapped
(
db
,
*
args
,
**
kwargs
):
# Let's get the JWT token. It should be a params (from get or post or whatev')
if
'token'
not
in
request
.
params
:
abort
(
403
,
"No token found in the query"
)
# We want the api id in the params to.
if
'api'
not
in
request
.
params
:
abort
(
403
,
"No api id found in the params"
)
# Now, let's get the token on our side
try
:
results
=
db
.
execute
(
'SELECT token FROM users WHERE api = ?'
,
(
request
.
params
[
'api'
],)).
fetchall
()
assert
len
(
results
)
==
1
token
=
results
[
0
][
0
]
auth_token
=
jwt
.
decode
(
request
.
params
[
'token'
],
token
)
assert
auth_token
[
'api'
]
==
request
.
params
[
'api'
]
except
(
jwt
.
exceptions
.
InvalidTokenError
,
AssertionError
)
as
e
:
abort
(
403
,
e
)
except
Exception
as
e
:
abort
(
500
,
e
)
return
f
(
db
,
*
args
,
**
kwargs
)
return
wrapped
@
get
(
'/call'
)
@
authenticated
def
call
(
db
):
return
'Ohai'
run
(
host
=
'localhost'
,
port
=
8080
,
debug
=
True
)
requirements.txt
View file @
2291f71d
bottle
bottle_sqlite
PyJWT
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment