authorMilo Casagrande <milo.casagrande@linaro.org>2014-10-21 15:04:55 +0200
committerMilo Casagrande <milo.casagrande@linaro.org>2014-10-21 15:04:55 +0200
commita68295aadf1c273ba3afeca34f13a44ce7dc24f6 (patch)
tree0b19b7adb8b575b50feb6f225482e09ff420da26 /app/handlers/base.py
parentdbb05247b26f278b7435906dfaa1514bf17a2141 (diff)
handlers: Refactor token validation logic.
* Add master_key validation where it belongs, only in the token handler. * Rework validation methods. * Add tests. Change-Id: Ib457963bc2ae2018e8241297f75b8667dac0e572
Diffstat (limited to 'app/handlers/base.py')
-rw-r--r--app/handlers/base.py35
1 files changed, 20 insertions, 15 deletions
diff --git a/app/handlers/base.py b/app/handlers/base.py
index 3d352d3..4342275 100644
--- a/app/handlers/base.py
+++ b/app/handlers/base.py
@@ -189,7 +189,7 @@ class BaseHandler(RequestHandler):
"""
response = None
- if self._validate_req_token("POST"):
+ if self.validate_req_token("POST"):
valid_request = self._valid_post_request()
if valid_request == 200:
@@ -265,7 +265,7 @@ class BaseHandler(RequestHandler):
"""
response = None
- if self._validate_req_token("DELETE"):
+ if self.validate_req_token("DELETE"):
if kwargs and kwargs.get('id', None):
response = self._delete(kwargs['id'])
else:
@@ -311,7 +311,7 @@ class BaseHandler(RequestHandler):
"""
response = None
- if self._validate_req_token("GET"):
+ if self.validate_req_token("GET"):
if kwargs and kwargs.get("id", None):
response = self._get_one(kwargs["id"])
else:
@@ -431,7 +431,7 @@ class BaseHandler(RequestHandler):
super(BaseHandler, self).write_error(status_code, kwargs)
# TODO: cache the validated token.
- def _validate_req_token(self, method):
+ def validate_req_token(self, method):
"""Validate the request token.
:param method: The HTTP verb we are validating.
@@ -442,19 +442,11 @@ class BaseHandler(RequestHandler):
req_token = self.request.headers.get(API_TOKEN_HEADER, None)
remote_ip = self.request.remote_ip
master_key = self.settings.get(MASTER_KEY, None)
- token_obj = None
if req_token:
- token_obj = self._find_token(req_token, self.db)
-
- if token_obj:
- valid_token = validate_token(
- token_obj,
- method,
- remote_ip,
- master_key,
- self._token_validation_func()
- )
+ valid_token = self._token_validation(
+ req_token, method, remote_ip, master_key
+ )
if not valid_token:
self.log.info(
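Review bot: `master_key` is still read from `self.settings` in the base handler and passed to `self._token_validation(...)`, although the base implementation added further down in this diff never reads it and no longer forwards it to `validate_token`. If master-key checks belong only in the token handler, as the commit message says, that handler (presumably through its own `_token_validation` override) could fetch the key itself with `self.settings.get(MASTER_KEY, None)`. The secret would then stay out of every other handler's validation path, and the hook signature could shrink to `(self, req_token, method, remote_ip)`. Separately, `valid_token` is now assigned only inside `if req_token:` and its initialisation lies above the hunk, so confirm it still starts as `False` for requests that carry no token header. The body of `validate_req_token` continues outside the hunk.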
@@ -464,6 +456,19 @@ class BaseHandler(RequestHandler):
return valid_token
+ def _token_validation(self, req_token, method, remote_ip, master_key):
+ valid_token = False
+ token_obj = self._find_token(req_token, self.db)
+
+ if token_obj:
+ valid_token = validate_token(
+ token_obj,
+ method,
+ remote_ip,
+ self._token_validation_func()
+ )
+ return valid_token
+
# TODO: cache the token from the DB.
@staticmethod
def _find_token(token, db_conn):
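Review bot: `_token_validation` is the new overridable hook that makes the authorization decision, yet it has no docstring stating its contract. I would add one along the lines of `"""Look up req_token in the DB and validate it for method and remote_ip; return False when no such token exists."""`. A short comment should also say that an override must keep the `valid_token = False` default, so that an unknown token is never accepted. The return type of `validate_token` is not visible here, so the docstring should state whether callers may rely only on truthiness.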