def api_validate(): if not zk.get_login() and not zk.get_http_login(): resp = jsonify({"error": "Not authenticated", "error-num": 1}) resp.status_code = 401 return resp if zk.get_http_login(): pass_ = hash_pass(request.authorization.username, request.authorization.password) users = pysql().where('login', request.authorization.username.lower()).where('password', pass_).get('users') if len(users) != 1: resp = jsonify({"error": "Authication invalid", "error-num": 2}) resp.status_code = 401 return resp return None
def user(): """Return a username of the current API user. If they're logged into the site, return the username, If they're not, return the HTTP authorization username. """ return request.authorization.username if zk.get_http_login() else zk.get_username()