Beispiel #1
0
def api_validate():
	if not zk.get_login() and not zk.get_http_login():
		resp = jsonify({"error": "Not authenticated", "error-num": 1})
		resp.status_code = 401
		return resp
	if zk.get_http_login():
		pass_ = hash_pass(request.authorization.username, request.authorization.password)
		users = pysql().where('login', request.authorization.username.lower()).where('password', pass_).get('users')
		if len(users) != 1:
			resp = jsonify({"error": "Authication invalid", "error-num": 2})
			resp.status_code = 401
			return resp
	return None
Beispiel #2
0
def user():
	"""Return a username of the current API user.
		If they're logged into the site, return the username,
		If they're not, return the HTTP authorization username.
	"""
	return request.authorization.username if zk.get_http_login() else zk.get_username()