aboutsummaryrefslogtreecommitdiff
path: root/src/web/views/api
diff options
context:
space:
mode:
Diffstat (limited to 'src/web/views/api')
-rw-r--r--src/web/views/api/v3/common.py17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/web/views/api/v3/common.py b/src/web/views/api/v3/common.py
index 9ff7d96e..4234a91a 100644
--- a/src/web/views/api/v3/common.py
+++ b/src/web/views/api/v3/common.py
@@ -1,9 +1,26 @@
+from flask import request
from flask.ext.login import current_user
from flask.ext.restless import ProcessingException
+from werkzeug.exceptions import NotFound
+from web.controllers import ArticleController, UserController
+from web.views.common import login_user_bundle
url_prefix = '/api/v3'
def auth_func(*args, **kw):
+ if request.authorization:
+ ucontr = UserController()
+ try:
+ user = ucontr.get(nickname=request.authorization.username)
+ except NotFound:
+ raise ProcessingException("Couldn't authenticate your user",
+ code=401)
+ if not ucontr.check_password(user, request.authorization.password):
+ raise ProcessingException("Couldn't authenticate your user",
+ code=401)
+ if not user.is_active:
+ raise ProcessingException("User is desactivated", code=401)
+ login_user_bundle(user)
if not current_user.is_authenticated:
raise ProcessingException(description='Not authenticated!', code=401)
bgstack15