def apikey(): """ Verify OC membership and return an API key. The API key will be saved in the DB to verify use as well as returned upon subsequent calls to this endpoint with the same OC credentials. """ json = request.get_json() email = json.get('email') password = json.get('password') is_oc_member = is_user_oc_member(email, password) if not is_oc_member: return unauthorized_response() try: # We need to check the database for an existing key apikey = Key.query.filter_by(email=email).first() # Don't return success for blacklisted keys if apikey and apikey.blacklisted: return unauthorized_response() if not apikey: # Since they're already authenticated by is_oc_user(), we know we # can generate an API key for them if they don't already have one apikey = create_new_apikey(email, db.session) if not apikey: return utils.standardize_response(status_code=500) logger.info(apikey.serialize) return utils.standardize_response(payload=dict(data=apikey.serialize), datatype="credentials") except Exception as e: logger.exception(e) return utils.standardize_response(status_code=500)
def apikey(): """ Verify OC membership and return an API key. The API key will be saved in the DB to verify use as well as returned upon subsequent calls to this endpoint with the same OC credentials. """ json = request.get_json() email = json.get('email') password = json.get('password') is_oc_member = is_user_oc_member(email, password) if not is_oc_member: payload = dict(errors=["Invalid username or password"]) return standardize_response(payload=payload, status_code=401) try: # We need to check the database for an existing key apikey = Key.query.filter_by(email=email).first() if not apikey: # Since they're already authenticated by is_oc_user(), we know we # can generate an API key for them if they don't already have one return create_new_apikey(email) logger.info(apikey.serialize) return standardize_response(payload=dict(data=apikey.serialize)) except Exception as e: logger.exception(e) return standardize_response(status_code=500)
def apikey(): """ Verify OC membership and return an API key. The API key will be saved in the DB to verify use as well as returned upon subsequent calls to this endpoint with the same OC credentials. """ json = request.get_json() email = json.get('email') password = json.get('password') is_oc_member = is_user_oc_member(email, password) if not is_oc_member: errors = [{"code": "not-authorized"}] return standardize_response(None, errors, "not authorized", 401) try: # We need to check the database for an existing key apikey = Key.query.filter_by(email=email).first() if not apikey: # Since they're already authenticated by is_oc_user(), we know we # can generate an API key for them if they don't already have one return create_new_apikey(email) logger.info(apikey.serialize) return standardize_response(apikey.serialize, None, "ok") except Exception as e: logger.error(e) errors = [{"code": "internal-server-error"}] return standardize_response(None, errors, "internal server error", 500)