def authentication(): """ Attempt HTTP authentication via API keys on a per-request basis. """ auth_header = request.headers.get('Authorization') api_key = request.args.get('api_key') if auth_header is not None: auth_type, api_key = auth_header.split(' ', 1) if api_key is not None: try: request.user = User.by_api_key(api_key) except: raise Unauthorized('Invalid API key.') elif 'user_id' in session: request.user = User.by_id(session['user_id']) else: request.user = None
def load_user_from_request(request): api_key = request.headers.get('X-API-Key') \ or request.args.get('api_key') if api_key is not None: return User.by_api_key(api_key)