diff options
| author | Milo Casagrande <milo.casagrande@linaro.org> | 2014-10-20 22:41:04 +0200 |
|---|---|---|
| committer | Milo Casagrande <milo.casagrande@linaro.org> | 2014-10-20 22:41:04 +0200 |
| commit | 46b5d152466ca6417e2b05b29d83e5eec557d834 (patch) | |
| tree | f48659ce75984900c6c54694ed0475deedf70cb6 /app/handlers/token.py | |
| parent | 9f82a0a7e384e9a620bc451a2c7b07d3f313c09a (diff) | |
token: Refactor token validation decorator.
Change-Id: I7d26ba2c67abd047bc439725f3b9407e4becade1
Diffstat (limited to 'app/handlers/token.py')
| -rw-r--r-- | app/handlers/token.py | 57 |
1 files changed, 13 insertions, 44 deletions
diff --git a/app/handlers/token.py b/app/handlers/token.py index 014f8a9..dd79c89 100644 --- a/app/handlers/token.py +++ b/app/handlers/token.py @@ -15,20 +15,15 @@ """The RequestHandler for /token URLs.""" -import tornado - -from functools import partial -from tornado.web import ( - asynchronous, -) from urlparse import urlunparse from handlers.base import BaseHandler from handlers.common import ( + NOT_VALID_TOKEN, TOKEN_VALID_KEYS, get_query_fields, + valid_token_th, ) -from handlers.decorators import protected_th from handlers.response import HandlerResponse from models import ( ADMIN_KEY, @@ -67,17 +62,9 @@ class TokenHandler(BaseHandler): def _valid_keys(method): return TOKEN_VALID_KEYS.get(method, None) - @protected_th("GET") - @asynchronous - def get(self, *args, **kwargs): - self.executor.submit( - partial(self.execute_get, *args, **kwargs) - ).add_done_callback( - lambda future: - tornado.ioloop.IOLoop.instance().add_callback( - partial(self._create_valid_response, future.result()) - ) - ) + @staticmethod + def _token_validation_func(): + return valid_token_th def _get_one(self, doc_id): # Overridden: with the token we do not search by _id, but @@ -100,17 +87,6 @@ class TokenHandler(BaseHandler): return response - @protected_th("POST") - @asynchronous - def post(self, *args, **kwargs): - self.executor.submit( - partial(self.execute_post, *args, **kwargs) - ).add_done_callback( - lambda future: tornado.ioloop.IOLoop.instance().add_callback( - partial(self._create_valid_response, future.result()) - ) - ) - def _post(self, *args, **kwargs): response = None @@ -263,17 +239,6 @@ class TokenHandler(BaseHandler): return token - @protected_th("DELETE") - @asynchronous - def delete(self, *args, **kwargs): - self.executor.submit( - partial(self.execute_delete, *args, **kwargs) - ).add_done_callback( - lambda future: - tornado.ioloop.IOLoop.instance().add_callback( - partial(self._create_valid_response, future.result())) - ) - def execute_delete(self, *args, **kwargs): """Called by the actual DELETE method. @@ -285,10 +250,14 @@ class TokenHandler(BaseHandler): """ response = HandlerResponse(400) - if kwargs and kwargs.get('id', None): - response.status_code = self._delete(kwargs['id']) - if response.status_code == 200: - response.reason = "Resource deleted" + if self._validate_req_token("DELETE"): + if kwargs and kwargs.get('id', None): + response.status_code = self._delete(kwargs['id']) + if response.status_code == 200: + response.reason = "Resource deleted" + else: + response.status_code = 403 + response.reason = NOT_VALID_TOKEN return response |