author | Lars Wirzenius <liw@liw.fi> | 2017-04-16 12:25:24 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2017-04-16 12:25:24 +0300 |
commit | 82c689984a9b687fd1a6de464e8fdf85e334cbf5 (patch) | |
tree | 48f3d344442684145dd5016cc813954530866eef | |
parent | 42d43bd0b67492032000b9ea89848397e8abf1e9 (diff) | |
Use get_scopes in backend
-rwxr-xr-x | distix-backend | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/distix-backend b/distix-backend
index 8259c30..e4ee380 100755
--- a/distix-backend
+++ b/distix-backend
@@ -7,6 +7,24 @@ import sys
 import bottle
+import distixapi
+
+
+
+users = {
+ 'users': {
+ 'fooser': {
+ 'salt': 'nacl',
+ 'password': distixapi.encrypt_password('nacl', 'password'),
+ 'scopes': ['get', 'put'],
+ },
+ 'no': {
+ 'salt': 'nacl',
+ 'password': distixapi.encrypt_password('nacl', 'password'),
+ 'scopes': [],
+ },
+ },
+}
 class AuthenticationPlugin(object):
@@ -14,8 +32,15 @@ class AuthenticationPlugin(object):
 name = 'AuthenticationPlugin'
 def apply(self, callback, route):
- log('AuthenticationPlugin called on {}'.format(route['rule']))
- return callback
+ def authorize(*args, **kwargs):
+ try:
+ scopes = distixapi.get_scopes(users, bottle.request)
+ except distixapi.AuthenticationError:
+ return bottle.abort(401, 'Unauthorized')
+ if route['method'].lower() not in scopes:
+ return bottle.abort(401, 'Unauthorized')
+ return callback(*args, **kwargs)
+ return authorize
 @bottle.route('/') |
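Review bot: The `users` table added in the first hunk hard-codes both accounts with the same salt `'nacl'` and the password `'password'` in the backend executable itself, so any deployment of this file unchanged carries credentials that every reader of the repository knows, including `get` and `put` scopes for `fooser`. If these are development fixtures, say so at the definition, e.g. `# Placeholder accounts for local testing only; real users must be loaded from configuration.`, and prefer reading the table from a file outside the source tree. A salt should be random and unique per account. What `distixapi.encrypt_password` computes is not visible in this diff, so confirm that it is a slow password hash.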
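Review bot: In `authorize`, a caller who authenticated successfully but lacks the scope for the route's method gets the same 401 as a caller with bad credentials; the second abort should be `bottle.abort(403, 'Forbidden')` so that clients and log analysis can tell the two cases apart. Neither rejection is logged now that the old `log(...)` call is removed, so failed and denied requests are not recorded by this plugin. Adding `log('denied {} {}'.format(route['method'], route['rule']))` before each abort would restore that, assuming the `log` helper used by the removed line is still defined. `bottle.abort` raises rather than returns, so the `return` in front of it is redundant.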