authorLars Wirzenius <liw@liw.fi>2017-04-16 12:25:24 +0300
committerLars Wirzenius <liw@liw.fi>2017-04-16 12:25:24 +0300
commit82c689984a9b687fd1a6de464e8fdf85e334cbf5 (patch)
tree48f3d344442684145dd5016cc813954530866eef
parent42d43bd0b67492032000b9ea89848397e8abf1e9 (diff)
downloaddistixapi-82c689984a9b687fd1a6de464e8fdf85e334cbf5.tar.gz
Use get_scopes in backend
-rwxr-xr-xdistix-backend29
1 files changed, 27 insertions, 2 deletions
diff --git a/distix-backend b/distix-backend
index 8259c30..e4ee380 100755
--- a/distix-backend
+++ b/distix-backend
@@ -7,6 +7,24 @@ import sys
import bottle
+import distixapi
+
+
+
+users = {
+ 'users': {
+ 'fooser': {
+ 'salt': 'nacl',
+ 'password': distixapi.encrypt_password('nacl', 'password'),
+ 'scopes': ['get', 'put'],
+ },
+ 'no': {
+ 'salt': 'nacl',
+ 'password': distixapi.encrypt_password('nacl', 'password'),
+ 'scopes': [],
+ },
+ },
+}
class AuthenticationPlugin(object):
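Review bot: The `users` table added at module level hard-codes two accounts in the backend script itself, each with the literal password `'password'` and the same salt `'nacl'`, so any deployment of this file accepts those credentials. If this is scaffolding, say so at the definition, e.g. `# Placeholder accounts for development only; replace with a configured user store.`, and load the real table from outside the source tree. A salt shared by every account also means equal passwords give equal stored values (assuming `encrypt_password` is deterministic for a given salt, which this hunk does not show), so each account should get its own salt.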
@@ -14,8 +32,15 @@ class AuthenticationPlugin(object):
name = 'AuthenticationPlugin'
def apply(self, callback, route):
- log('AuthenticationPlugin called on {}'.format(route['rule']))
- return callback
+ def authorize(*args, **kwargs):
+ try:
+ scopes = distixapi.get_scopes(users, bottle.request)
+ except distixapi.AuthenticationError:
+ return bottle.abort(401, 'Unauthorized')
+ if route['method'].lower() not in scopes:
+ return bottle.abort(401, 'Unauthorized')
+ return callback(*args, **kwargs)
+ return authorize
@bottle.route('/')
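Review bot: The scope check at `if route['method'].lower() not in scopes:` answers an authenticated caller who lacks the scope with 401, the same status as a failed login, so clients and log readers cannot tell bad credentials from a permission denial; `bottle.abort(403, 'Forbidden')` fits that branch. The commit also removes the only `log(...)` call in `apply`, so rejected requests leave no trace; a line such as `log('Denied {} {}'.format(route['method'], route['rule']))` before each abort would keep them visible. `bottle.abort` raises, so the `return` in front of it is never reached and can be dropped. As far as this hunk shows, the 401 response is sent without a `WWW-Authenticate` header.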