def create_app(name):
app = Flask(name)
authenticator = HeaderApiKeyAuthenticator(header="X-MyApp-Key")
# The HeaderApiKeyAuthenticator does super simple authentication, designed for
# service-to-service authentication inside of a protected network, by looking for a
# shared secret in the specified header. Here we define what that shared secret is.
authenticator.register_key(key="my-api-key")
registry.set_default_authenticator(authenticator=authenticator)
rebar.init_app(app=app)
return app
def register_multiple_authenticators(registry):
default_authenticator = HeaderApiKeyAuthenticator(
header=DEFAULT_AUTH_HEADER, name="default"
)
default_authenticator.register_key(app_name="internal", key=DEFAULT_AUTH_SECRET)
alternative_default_authenticator = HeaderApiKeyAuthenticator(
header=DEFAULT_ALTERNATIVE_AUTH_HEADER, name="alternative"
)
alternative_default_authenticator.register_key(
app_name="internal", key=DEFAULT_ALTERNATIVE_AUTH_SECRET
)
registry.set_default_authenticators(
(default_authenticator, alternative_default_authenticator)
)
def test_override_authenticator(self):
auth_header = 'x-overridden-auth'
auth_secret = 'BLAM!'
rebar = Rebar()
registry = rebar.create_handler_registry()
register_default_authenticator(registry)
authenticator = HeaderApiKeyAuthenticator(header=auth_header)
authenticator.register_key(app_name='internal', key=auth_secret)
register_endpoint(registry, authenticator=authenticator)
app = create_rebar_app(rebar)
resp = app.test_client().get(path='/foos/1',
headers=auth_headers(header=auth_header,
secret=auth_secret))
self.assertEqual(resp.status_code, 200)
self.assertEqual(get_json_from_resp(resp), DEFAULT_RESPONSE)
# The default authentication doesn't work anymore!
resp = app.test_client().get(path='/foos/1', headers=auth_headers())
self.assertEqual(resp.status_code, 401)
def register_default_authenticator(registry):
default_authenticator = HeaderApiKeyAuthenticator(
header=DEFAULT_AUTH_HEADER, name='default')
default_authenticator.register_key(app_name='internal',
key=DEFAULT_AUTH_SECRET)
registry.set_default_authenticator(default_authenticator)
# -*- coding: utf-8 -*-
""" REST API - Endpoint routing
Author(s): Adam Mitchell, [email protected]
"""
from flask import current_app, request
from flask_rebar import HeaderApiKeyAuthenticator, Rebar, response
from rest_api.schemas import *
authenticator = HeaderApiKeyAuthenticator(header='X-MyApp-ApiKey')
authenticator.register_key(key='my-super-secret-key')
rebar = Rebar()
registry = rebar.create_handler_registry()
@registry.handles(rule='/generic_greeting',
method='GET',
marshal_schema={200: GetGenericGreetingSchema()},
authenticator=authenticator)
def getGenericGreeting():
return ({'message': 'Hello, Generic Person!'}, 200)
@registry.handles(rule='/personalised_greeting',
method='GET',
marshal_schema={200: GetGenericGreetingSchema()},
query_string_schema=GetPersonalisedGreetingSchema(),
authenticator=authenticator)
def getPersonalisedGreeting():