Exemple #1
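  def authErrors():
    """Check the request's Authorization header and report any problem.

    Returns:
      None when the credentials are accepted, otherwise a ``(body, status)``
      tuple: 401 when the header is missing or the check fails, 400 when the
      scheme is not supported or the check itself raised.
    """
    # Imported here because the module's import block is not part of this block.
    import hmac

    def _secrets_match(stored, supplied):
      # An empty credential never authenticates, even if the store returns an
      # empty value for this name.
      if not supplied:
        return False
      if isinstance(stored, str) and isinstance(supplied, str):
        # compare_digest does not stop at the first differing byte, so the
        # response time does not reveal how much of the secret was correct.
        return hmac.compare_digest(stored.encode('utf-8'), supplied.encode('utf-8'))
      # Non-string stored values (e.g. None for an unknown name) keep the
      # plain comparison the code used before.
      return stored == supplied

    if not request.headers.get('Authorization'):
      return ({'status': 'error', 'reason': 'Authentication needed'}, 401)
    method, name, token = Advanced_API.getAuth()

    # The scheme is matched case-insensitively.
    scheme = method.lower()
    if scheme not in ('basic', 'token', 'session', 'bearer'):
      return ({'status': 'error', 'reason': 'Authorization method not allowed'}, 400)

    try:
      authenticated = False
      if scheme == 'basic':
        authenticated = bool(AuthenticationHandler().validateUser(name, token))
      elif scheme == 'bearer':
        # The name is replaced by whatever the bearer lookup returns.
        authenticated, name = db.isBearerAuthenticated(token)
      elif scheme == 'token':
        authenticated = _secrets_match(db.getToken(name), token)
      elif scheme == 'session':
        authenticated = _secrets_match(AuthenticationHandler().api_sessions.get(name), token)
      if not authenticated:
        return ({'status': 'error', 'reason': 'Authentication failed'}, 401)
    except Exception as e:
      # NOTE(review): every exception, including a failure inside db or the
      # authenticator, is reported to the client as a malformed header (400).
      # The detail only goes to stdout; consider routing it to the
      # application log so failed checks can be monitored.
      print(e)
      return ({'status': 'error', 'reason': 'Malformed Authentication String'}, 400)
    return None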
Exemple #2
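  def getAuth():
    """Split the Authorization header into ``(method, name, key)``.

    The header is read as ``<method> <name>:<key>``. The method is the text
    before the first space; the key is the text after the last colon of the
    remainder and the name is everything before that colon. A missing part
    comes back as an empty string, and a missing header yields three empty
    strings instead of raising.

    For the bearer scheme the name is taken from the bearer lookup. The
    lookup's "authenticated" flag is discarded here, so a returned name is
    not proof of authentication; callers must still verify the key.
    """
    # NOTE(review): splitting on the LAST colon means a key containing ':'
    # is cut short and its head ends up in the name. Confirm that keys can
    # never contain a colon.
    header = request.headers.get('Authorization') or ''
    method, _, credentials = header.partition(' ')
    name, _, key = credentials.strip().rpartition(':')

    # Match the scheme case-insensitively, as authErrors does, so that
    # "Bearer <token>" is resolved the same way as "bearer <token>".
    if method.lower() == 'bearer':
      _, name = db.isBearerAuthenticated(key)

    return method, name, key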