def throttle_check(request):
"""
Handles checking if the request should be throttled.
If so, returns number of seconds after which user can try again.
If not, returns 0.
Based originally on code from TastyPie, copyright Daniel Lindsley,
BSD license.
Note this does API key auth as a side effect, if user is not
already logged in.
"""
# First get best user identifier available.
if request.user.is_anonymous():
try:
check_api_authorization(request)
except PermissionDenied:
pass
if request.user.is_authenticated():
identifier = request.user.username
else:
# We don't check KEY_HEADER here because check_api_authorization()
# should have resolved that to a valid user account. So, if
# we're still not authenticated, any KEY_HEADER in the request
# was a bad key, and we should ignore it.
identifier = "%s_%s" % (request.META.get('REMOTE_ADDR', 'noaddr'),
request.META.get('REMOTE_HOST', 'nohost'))
if _throttle.should_be_throttled(identifier):
# Throttle limit exceeded.
return _throttle.seconds_till_unthrottling(identifier)
# Log throttle access.
_throttle.accessed(identifier,
url=request.get_full_path(),
request_method=request.method.lower())
return 0
def items_index(request):
"""
GET: Redirects to a list of JSON items.
POST: Takes a single JSON mapping describing a NewsItem, creates
it, and redirects to a JSON view of the created item
(HTTP response 201).
On errors, gives a 400 response.
"""
if request.method == 'GET':
return HttpResponseRedirect(reverse('items_json'))
elif request.method == 'POST':
check_api_authorization(request)
info = simplejson.loads(request.raw_post_data)
try:
item = _item_create(info)
except InvalidNewsItem, e:
errors = simplejson.dumps({'errors': e.errors}, indent=2)
return HttpResponseBadRequest(errors, content_type=JSON_CONTENT_TYPE)
item_url = reverse('single_item_json', kwargs={'id_': str(item.id)})
return HttpResponseCreated(item_url)
def throttle_check(request):
"""
Handles checking if the request should be throttled.
If so, returns number of seconds after which user can try again.
If not, returns 0.
Based originally on code from TastyPie, copyright Daniel Lindsley,
BSD license.
Note this does API key auth as a side effect, if user is not
already logged in.
"""
# First get best user identifier available.
if request.user.is_anonymous():
try:
check_api_authorization(request)
except PermissionDenied:
pass
if request.user.is_authenticated():
identifier = request.user.username
else:
# We don't check KEY_HEADER here because check_api_authorization()
# should have resolved that to a valid user account. So, if
# we're still not authenticated, any KEY_HEADER in the request
# was a bad key, and we should ignore it.
identifier = "%s_%s" % (request.META.get('REMOTE_ADDR', 'noaddr'),
request.META.get('REMOTE_HOST', 'nohost'))
if _throttle.should_be_throttled(identifier):
# Throttle limit exceeded.
return _throttle.seconds_till_unthrottling(identifier)
# Log throttle access.
_throttle.accessed(identifier, url=request.get_full_path(),
request_method=request.method.lower())
return 0
def items_index(request):
"""
GET: Redirects to a list of JSON items.
POST: Takes a single JSON mapping describing a NewsItem, creates
it, and redirects to a JSON view of the created item
(HTTP response 201).
On errors, gives a 400 response.
"""
if request.method == 'GET':
return HttpResponseRedirect(reverse('items_json'))
elif request.method == 'POST':
check_api_authorization(request)
info = simplejson.loads(request.raw_post_data)
try:
item = _item_create(info)
except InvalidNewsItem, e:
errors = simplejson.dumps({'errors': e.errors}, indent=2)
return HttpResponseBadRequest(errors,
content_type=JSON_CONTENT_TYPE)
item_url = reverse('single_item_json', kwargs={'id_': str(item.id)})
return HttpResponseCreated(item_url)
