def wrapper(request, *args, **kwargs) :
API_key = extract_api_key(request)
key = get_api_key(API_key)
if not key :
json = generate_json_error_msg(-999
,"Error INVALID API Key used please use or register a proper key"
,API_key
,request.method
)
return HttpResponse(json, mimetype='application/json', status=HTTP_UNAUTHORIZED)
if key.has_all_permissions(permissions) and key.has_access():
return func( request, *args, **kwargs)
if not key.has_all_permissions(permissions):
json = generate_json_error_msg(-997
,"Error this key does not have the permission to access this call"
,API_key
,request.method
)
if not key.has_access():
json = generate_json_error_msg(-800
,"Error quota exceeded!"
,API_key
,request.method
)
return HttpResponse(json, mimetype='application/json', status=HTTP_UNAUTHORIZED)
def process_request(self, request):
if not TokitPath.is_key_required_for(request.path):
return None
request_api_key = extract_api_key(request)
if request_api_key:
key = get_api_key(request_api_key)
if key and key.has_access():
return None
return HttpResponse("Forbidden", status=401)
def test_extract_api_key_should_return_the_key_from_the_querystring_for_post(self):
self.request.method = "POST"
self.request.POST['api_key'] = 12345
self.assertEqual(extract_api_key(self.request), 12345)
def test_extract_api_key_should_return_a_key_when_set_in_header(self):
self.assertEqual(extract_api_key(self.request), None)
self.request.META['HTTP_API_KEY'] = 12345
self.assertEqual(extract_api_key(self.request), 12345)