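def authenticate(self):
    """
    Authenticate the request from its ``Username`` and ``Access-Token`` headers.

    Calls ``webapp2.abort(401, ...)`` when either header is missing, when
    ``user_repo.get_by_username`` returns no user, or when the presented token
    does not match the stored one. Otherwise returns the username taken from
    the ``Username`` header.
    """
    import hmac  # function-scope import: the file's import block is not visible from here

    def _as_bytes(value):
        # compare_digest needs both operands to be the same kind, so text is
        # normalised to UTF-8 bytes and byte strings pass through untouched.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    username = self.request.headers.get("Username", None)
    access_token = self.request.headers.get("Access-Token", None)
    # Only the username is logged: the access token is a bearer credential and
    # must not be copied into log storage, even at debug level.
    logging.debug("Authenticating username <%s>", username)

    authenticated = False
    # Skip the repository lookup entirely when a header is missing.
    if username is not None and access_token is not None:
        db_user = user_repo.get_by_username(username)
        # getattr also covers db_user being None (unknown user).
        stored_token = getattr(db_user, "access_token", None)
        if stored_token is not None:
            try:
                # Constant-time comparison, so response timing does not reveal
                # how much of a guessed token matched.
                authenticated = hmac.compare_digest(
                    _as_bytes(stored_token), _as_bytes(access_token)
                )
            except (AttributeError, TypeError, UnicodeError):
                # A token that cannot be normalised is a mismatch, not a server error.
                authenticated = False

    if not authenticated:
        webapp2.abort(401, "Authentication failed, please verify Username and Access-Token headers")
    return username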
def post(self):
    """
    Register the username POSTed in the JSON body and reply with its access token.

    The body is parsed as JSON and passed to ``self.validate_json_fields`` with
    ``["username"]``. If ``user_repo.get_by_username`` finds no user, one is
    created and its username and access token are returned; otherwise the reply
    carries null values and a "Registration failed" message. Both replies are
    written as ``application/json``; this method does not set a status code.
    """
    # NOTE(review): json.loads raises ValueError on a malformed body and nothing
    # here catches it; confirm the framework turns that into a client error.
    payload = json.loads(self.request.body)
    self.validate_json_fields(["username"], payload)
    requested_name = payload["username"]

    # NOTE(review): lookup-then-create is two separate calls; unless
    # user_repo.create enforces uniqueness itself, two concurrent requests for
    # the same name could both pass this check. Confirm against user_repo.
    if user_repo.get_by_username(requested_name):
        reply = {
            "username": None,
            "access_token": None,
            "message": "Registration failed: username <{}> already exists".format(requested_name),
        }
    else:
        created = user_repo.create(username=requested_name)
        reply = {
            "username": created.username,
            "access_token": created.access_token,
            "message": "Registration succeeded",
        }

    self.response.content_type = "application/json"
    self.response.write(json.dumps(reply))