BenLubar/lemoncurry
1
0
Fork 0
forked from 00dani/lemoncurry
Code Issues Pull requests Releases Wiki Activity

Refactor the Micropub error responses into a non-view module, have them produce an immediately raise-able exception

Browse source
This commit is contained in:
Danielle McLean 2018-07-03 10:03:35 +10:00
parent 065619772e
commit d68dda85ad
Signed by untrusted user: 00dani
GPG key ID: 8EB789DDF3ABD240
9 changed files with 69 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

17
lemonauth/tokens.py
View file

@ -1,31 +1,26 @@
from lemoncurry.middleware import ResponseException
from micropub.views import error
from micropub import error
from .models import IndieAuthCode, Token
def auth(request):
def auth(request) -> Token:
if 'HTTP_AUTHORIZATION' in request.META:
auth = request.META.get('HTTP_AUTHORIZATION').split(' ')
if auth[0] != 'Bearer':
raise ResponseException(error.bad_req(
'auth type {0} not supported'.format(auth[0])
))
raise error.bad_req('auth type {0} not supported'.format(auth[0]))
if len(auth) != 2:
raise ResponseException(error.bad_req(
'invalid Bearer auth format, must be Bearer <token>'
))
raise error.bad_req('invalid Bearer auth format, must be Bearer <token>')
token = auth[1]
elif 'access_token' in request.POST:
token = request.POST.get('access_token')
elif 'access_token' in request.GET:
token = request.GET.get('access_token')
else:
raise ResponseException(error.unauthorized())
raise error.unauthorized()
try:
token = Token.objects.get(pk=token)
except Token.DoesNotExist:
raise ResponseException(error.forbidden())
raise error.forbidden()
return token