def check_auth(): api_key = request.headers.get('Authorization') \ or request.args.get('api_key') if session.get('id'): request.account = Account.by_id(session.get('id')) if request.account is None: del session['id'] raise Unauthorized() elif api_key is not None: request.account = Account.by_api_key(api_key) if request.account is None: raise Unauthorized() else: request.account = None
def check_auth(): api_key = request.headers.get('X-Grano-API-Key') \ or request.args.get('api_key') if session.get('id'): request.account = Account.by_id(session.get('id')) if request.account is None: del session['id'] raise Unauthorized() elif api_key is not None: request.account = Account.by_api_key(api_key) if request.account is None: raise Unauthorized() if arg_bool('api_key_cookie'): session['id'] = request.account.id else: request.account = None