Commit 4ddc171c authored by Daniel Albert's avatar Daniel Albert
Browse files

Make bot api a bit more pythonic, use decorators for authentification

parent 158b4a0f
from django.contrib import admin
# Register your models here.
from django.db import models
# Create your models here.
from django.test import TestCase
# Create your tests here.
......@@ -3,28 +3,30 @@ from django.http import JsonResponse, HttpResponseBadRequest
from django.forms import ModelForm
from django.core.exceptions import PermissionDenied, SuspiciousOperation
from django.shortcuts import render, redirect, get_object_or_404
from django.contrib.auth.models import AnonymousUser
from django.contrib.auth.decorators import login_required
from django.views.decorators.http import require_http_methods
from core.models import ApiKey, SnakeVersion, ServerCommand, get_user_profile
class bot_api(object):
def __init__(self, f):
self.f = f
def get_user(request):
try:
key = request.META.get('HTTP_AUTHORIZATION', None)
if key is not None:
return ApiKey.objects.get(key=key)
def __call__(self, request, *args, **kwargs):
try:
key = request.META.get('HTTP_AUTHORIZATION', None) or request.GET.get('token', None) or None
key = request.GET.get('token', None)
if key is not None:
return ApiKey.objects.get(key=key)
if key is not None:
request.user = ApiKey.objects.get(key=key)
if request.user.is_authenticated:
return request.user
# raise(NotImplementedError(str(type(request.user))))
if request.user and not request.user.is_anonymous:
return self.f(request, *args, **kwargs)
else:
raise ApiKey.DoesNotExist
raise PermissionDenied('API access needs login or api key')
except ApiKey.DoesNotExist:
raise PermissionDenied('invalid API key')
except ApiKey.DoesNotExist:
raise PermissionDenied('Unauthorized: not logged in or no / invalid api key given')
def version_dict(v):
......@@ -45,29 +47,30 @@ def full_version_dict(v):
@require_http_methods(['GET', 'POST', 'PUT'])
@bot_api
def version(request):
if request.method in ['PUT', 'POST']:
return put_version(request)
else:
return JsonResponse({'versions': [version_dict(v) for v in SnakeVersion.objects.filter(user=get_user(request))]})
return JsonResponse({'versions': [version_dict(v) for v in SnakeVersion.objects.filter(user=request.user)]})
@require_http_methods(['GET'])
@bot_api
def get_version(request, version_id):
user = get_user(request)
v = get_object_or_404(SnakeVersion, user=user, id=version_id)
v = get_object_or_404(SnakeVersion, user=request.user, id=version_id)
return JsonResponse(full_version_dict(v))
@require_http_methods(['POST', 'PUT'])
@bot_api
def put_version(request):
user = get_user(request)
data = json.loads(request.body)
if not isinstance(data, dict):
return HttpResponseBadRequest('need to send a json dict as request body')
v = SnakeVersion()
v.user = user
v.user = request.user
v.parent = data.get('parent', None)
v.comment = data.get('comment', None)
v.code = data.get('code', None)
......@@ -78,9 +81,9 @@ def put_version(request):
@require_http_methods(['GET'])
@bot_api
def get_active_version(request):
user = get_user(request)
up = get_user_profile(user)
up = get_user_profile(request.user)
v = up.active_snake
if v:
return get_version(request, version_id=v.id)
......@@ -89,28 +92,28 @@ def get_active_version(request):
@require_http_methods(['POST'])
@bot_api
def activate_version(request, version_id):
user = get_user(request)
v = get_object_or_404(SnakeVersion, user=user, id=version_id)
up = get_user_profile(user)
v = get_object_or_404(SnakeVersion, user=request.user, id=version_id)
up = get_user_profile(request.user)
up.active_snake = v
up.save()
return JsonResponse(version_dict(v))
@require_http_methods(['POST'])
@bot_api
def disable_active_version(request):
user = get_user(request)
up = get_user_profile(user)
up = get_user_profile(request.user)
up.active_snake = None
up.save()
return JsonResponse({'result': 'ok'})
@require_http_methods(['POST'])
@bot_api
def disable_version(request, version_id):
user = get_user(request)
up = get_user_profile(user)
up = get_user_profile(request.user)
if up.active_snake is not None and up.active_snake.id == version_id:
up.active_snake = None
up.save()
......@@ -118,19 +121,21 @@ def disable_version(request, version_id):
@require_http_methods(['POST', 'DELETE'])
@bot_api
def kill_bot(request):
user = get_user(request)
ServerCommand(user=user, command='kill').save()
ServerCommand(user=request.user, command='kill').save()
return JsonResponse({'result': 'ok'})
@require_http_methods(['GET'])
@bot_api
def get_viewer_key(request):
user = get_user(request)
up = get_user_profile(user)
up = get_user_profile(request.user)
return JsonResponse({'viewer_key': up.viewer_key})
######################
# API KEY MANAGEMENT #
######################
@require_http_methods(['GET'])
@login_required()
def list_api_keys(request):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment