Exemple #1
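def apikey():
    """
    Verify OC membership and return an API key. The API key will be
    saved in the DB to verify use as well as returned upon subsequent calls
    to this endpoint with the same OC credentials.

    Responds with the unauthorized response when the body is not a JSON
    object, when email/password are missing or not strings, when the
    membership check fails, or when the stored key is blacklisted. Responds
    with status 500 when the key cannot be created or the lookup raises.
    """
    body = request.get_json()
    # get_json() may hand back None or a non-object JSON value; calling
    # .get() on that would raise before the try block below is reached.
    email = body.get('email') if isinstance(body, dict) else None
    password = body.get('password') if isinstance(body, dict) else None

    # Only non-empty strings are passed on to the membership check and to
    # the database filter; anything else is treated as failed authentication.
    has_credentials = (isinstance(email, str) and isinstance(password, str)
                       and bool(email) and bool(password))
    if not has_credentials or not is_user_oc_member(email, password):
        return unauthorized_response()

    try:
        # We need to check the database for an existing key
        key = Key.query.filter_by(email=email).first()

        # Don't return success for blacklisted keys
        if key and key.blacklisted:
            return unauthorized_response()

        if not key:
            # The caller passed the membership check above, so a key can be
            # generated for them if they don't already have one
            key = create_new_apikey(email, db.session)
            if not key:
                return utils.standardize_response(status_code=500)

        # Log the event rather than key.serialize: the serialized key is what
        # this endpoint returns as credentials, and writing it to the log
        # would expose it to anyone who can read application logs.
        logger.info("Returning API key to authenticated OC member")
        return utils.standardize_response(payload=dict(data=key.serialize),
                                          datatype="credentials")
    except Exception as e:
        logger.exception(e)
        return utils.standardize_response(status_code=500)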
Exemple #2
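def apikey():
    """
    Verify OC membership and return an API key. The API key will be
    saved in the DB to verify use as well as returned upon subsequent calls
    to this endpoint with the same OC credentials.

    Responds with status 401 when the body is not a JSON object, when
    email/password are missing or not strings, or when the membership check
    fails. Responds with status 500 when the lookup or key creation raises.
    """
    body = request.get_json()
    # get_json() may hand back None or a non-object JSON value; calling
    # .get() on that would raise before the try block below is reached.
    email = body.get('email') if isinstance(body, dict) else None
    password = body.get('password') if isinstance(body, dict) else None

    # Only non-empty strings are passed on to the membership check and to
    # the database filter; anything else is treated as failed authentication.
    has_credentials = (isinstance(email, str) and isinstance(password, str)
                       and bool(email) and bool(password))
    if not has_credentials or not is_user_oc_member(email, password):
        # Same message for every failure so the response does not reveal
        # which part of the credentials was wrong.
        payload = dict(errors=["Invalid username or password"])
        return standardize_response(payload=payload, status_code=401)

    try:
        # We need to check the database for an existing key
        # NOTE(review): no revocation/blacklist check is made on the stored
        # key before it is returned - confirm whether Key supports one here.
        key = Key.query.filter_by(email=email).first()
        if not key:
            # The caller passed the membership check above, so a key can be
            # generated for them if they don't already have one
            return create_new_apikey(email)

        # Log the event rather than key.serialize: the serialized key is what
        # this endpoint returns as the API key, and writing it to the log
        # would expose it to anyone who can read application logs.
        logger.info("Returning API key to authenticated OC member")
        return standardize_response(payload=dict(data=key.serialize))
    except Exception as e:
        logger.exception(e)
        return standardize_response(status_code=500)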
Exemple #3
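def apikey():
    """
    Verify OC membership and return an API key. The API key will be
    saved in the DB to verify use as well as returned upon subsequent calls
    to this endpoint with the same OC credentials.

    Responds with status 401 and a "not-authorized" error when the body is
    not a JSON object, when email/password are missing or not strings, or
    when the membership check fails. Responds with status 500 and an
    "internal-server-error" error when the lookup or key creation raises.
    """
    body = request.get_json()
    # get_json() may hand back None or a non-object JSON value; calling
    # .get() on that would raise before the try block below is reached.
    email = body.get('email') if isinstance(body, dict) else None
    password = body.get('password') if isinstance(body, dict) else None

    # Only non-empty strings are passed on to the membership check and to
    # the database filter; anything else is treated as failed authentication.
    has_credentials = (isinstance(email, str) and isinstance(password, str)
                       and bool(email) and bool(password))
    if not has_credentials or not is_user_oc_member(email, password):
        errors = [{"code": "not-authorized"}]
        return standardize_response(None, errors, "not authorized", 401)

    try:
        # We need to check the database for an existing key
        # NOTE(review): no revocation/blacklist check is made on the stored
        # key before it is returned - confirm whether Key supports one here.
        key = Key.query.filter_by(email=email).first()
        if not key:
            # The caller passed the membership check above, so a key can be
            # generated for them if they don't already have one
            return create_new_apikey(email)

        # Log the event rather than key.serialize: the serialized key is what
        # this endpoint returns as the API key, and writing it to the log
        # would expose it to anyone who can read application logs.
        logger.info("Returning API key to authenticated OC member")
        return standardize_response(key.serialize, None, "ok")
    except Exception as e:
        # logger.exception records the traceback along with the message, so
        # a 500 from this endpoint can be traced to its cause.
        logger.exception(e)
        errors = [{"code": "internal-server-error"}]
        return standardize_response(None, errors, "internal server error", 500)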