aboutsummaryrefslogtreecommitdiff
path: root/pyaggr3g470r/views/api/common.py
diff options
context:
space:
mode:
authorFrançois Schmidts <francois.schmidts@gmail.com>2015-01-15 17:42:54 +0100
committerFrançois Schmidts <francois.schmidts@gmail.com>2015-03-03 22:22:14 +0100
commitcc2829c95c391043653a3bd543176f3c92f49d72 (patch)
treeb36466f6cceefd7a5b5d7720ffbedb282cd0d69b /pyaggr3g470r/views/api/common.py
parentglobal esthetics tweak (diff)
downloadnewspipe-cc2829c95c391043653a3bd543176f3c92f49d72.tar.gz
newspipe-cc2829c95c391043653a3bd543176f3c92f49d72.tar.bz2
newspipe-cc2829c95c391043653a3bd543176f3c92f49d72.zip
splitting and refactoring the Restful api part
Diffstat (limited to 'pyaggr3g470r/views/api/common.py')
-rw-r--r--pyaggr3g470r/views/api/common.py79
1 files changed, 79 insertions, 0 deletions
diff --git a/pyaggr3g470r/views/api/common.py b/pyaggr3g470r/views/api/common.py
new file mode 100644
index 00000000..872c4ae1
--- /dev/null
+++ b/pyaggr3g470r/views/api/common.py
@@ -0,0 +1,79 @@
+from functools import wraps
+from flask import request, g, session, Response, jsonify
+from flask.ext.restful import Resource
+
+from pyaggr3g470r import db
+from pyaggr3g470r.models import User
+
+
+class HttpError(Exception):
+ pass
+
+
+def authenticate(func):
+ """
+ Decorator for the authentication to the web services.
+ """
+ @wraps(func)
+ def wrapper(*args, **kwargs):
+ if not getattr(func, 'authenticated', True):
+ return func(*args, **kwargs)
+
+ # authentication based on the session (already logged on the site)
+ if 'email' in session or g.user.is_authenticated():
+ return func(*args, **kwargs)
+
+ # authentication via HTTP only
+ auth = request.authorization
+ try:
+ email = auth.username
+ user = User.query.filter(User.email == email).first()
+ if user and user.check_password(auth.password) and user.activation_key == "":
+ g.user = user
+ return func(*args, **kwargs)
+ except AttributeError:
+ pass
+
+ return Response('<Authentication required>', 401,
+ {'WWWAuthenticate':'Basic realm="Login Required"'})
+ return wrapper
+
+
+def to_response(func):
+ def wrapper(*args, **kwargs):
+ try:
+ res = func(*args, **kwargs)
+ except HttpError, error:
+ return Response(*error.args)
+ if isinstance(res, tuple):
+ response = jsonify(**res[0])
+ if len(res) > 1:
+ response.status_code = res[1]
+ return response
+ return res
+ return wrapper
+
+
+class PyAggResource(Resource):
+ db_cls = None
+
+ def _get_or_raise(self, obj_id=None):
+ if obj_id is None:
+ raise HttpError({'message': 'No id given'}, 400)
+ obj = self.db_cls.query.filter(self.db_cls.id == obj_id).first()
+ if obj is None:
+ raise HttpError({'message': 'Article not found'}, 404)
+ if obj.user_id != g.user.id:
+ raise HttpError({'message': "Unauthorized for %s."
+ % self.db_cls.__class__.__name__}, 403)
+ return obj
+
+ def get(self, id=None):
+ return {'result': [self._get_or_raise(id).dump()]}
+
+ def delete(self, id):
+ """Delete a feed."""
+ feed = self._get_or_raise(id)
+ db.session.delete(feed)
+ db.session.commit()
+ return {"message": "ok"}, 204
bgstack15