auth and limit
This commit is contained in:
parent
d8dcfd3e8e
commit
bfbaab2e02
4
Auth.py
4
Auth.py
@ -3,11 +3,11 @@ import os
|
|||||||
import werkzeug
|
import werkzeug
|
||||||
|
|
||||||
|
|
||||||
JWT_SECRET = os.environ['JWT_SECRET']
|
JWT_PUB_KEY = os.environ['JWT_PUB_KEY']
|
||||||
|
|
||||||
def decodeToken(token):
|
def decodeToken(token):
|
||||||
try:
|
try:
|
||||||
return jwt.decode(token, JWT_SECRET)
|
return jwt.decode(token, JWT_PUB_KEY, audience="mainscnt")
|
||||||
except JWTError as e:
|
except JWTError as e:
|
||||||
print("ERROR: decodeToken: {}".format(e))
|
print("ERROR: decodeToken: {}".format(e))
|
||||||
raise werkzeug.exceptions.Unauthorized()
|
raise werkzeug.exceptions.Unauthorized()
|
||||||
|
@ -25,12 +25,18 @@ def insert(**args):
|
|||||||
|
|
||||||
|
|
||||||
def get(start, stop, token_info=None, location=None):
|
def get(start, stop, token_info=None, location=None):
|
||||||
|
logging.info("Token: {}".format(token_info))
|
||||||
if 'read/mainscnt/entries' not in token_info['x-scope']:
|
if 'read/mainscnt/entries' not in token_info['x-scope']:
|
||||||
raise werkzeug.exceptions.Forbidden()
|
raise werkzeug.exceptions.Forbidden()
|
||||||
|
LIMITS_PREFIX = 'mainscnt/entries/'
|
||||||
|
limit = 0
|
||||||
|
if ('x-limits' in token_info) and (token_info['x-limits'].startswith(LIMITS_PREFIX)):
|
||||||
|
limit = int(token_info['x-limits'][len(LIMITS_PREFIX):])
|
||||||
res = [
|
res = [
|
||||||
{
|
{
|
||||||
'timestamp': datetime.datetime.now(),
|
'timestamp': datetime.datetime.now(),
|
||||||
'frequency': 50.0
|
'frequency': 50.0,
|
||||||
|
'maxentries': limit
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
return res
|
return res
|
Loading…
x
Reference in New Issue
Block a user