def closure(request, *args, **kwargs):
api_key = request.GET.get('key', None)
heka_client = get_heka_client()
stats_client = request.registry.stats_client
if api_key is None:
stats_client.incr('%s.no_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
session = request.db_slave_session
try:
result = session.execute(API_CHECK.bindparams(api_key=api_key))
found_key = result.fetchone()
except Exception: # pragma: no cover
# if we cannot connect to backend DB, skip api key check
heka_client.raven(RAVEN_ERROR)
stats_client.incr('%s.dbfailure_skip_api_key' % func_name)
return func(request, *args, **kwargs)
if found_key is not None:
maxreq, api_key_log, shortname = found_key
if not shortname: # pragma: no cover
shortname = api_key
# remember api key and shortname on the request
request.api_key_log = bool(api_key_log)
request.api_key_name = shortname
stats_client.incr('%s.api_key.%s' % (func_name, shortname))
should_limit = rate_limit(request.registry.redis_client,
api_key,
maxreq=maxreq)
if should_limit:
result = HTTPForbidden()
result.content_type = 'application/json'
result.body = DAILY_LIMIT
return result
elif should_limit is None: # pragma: no cover
# We couldn't connect to Redis
stats_client.incr('%s.redisfailure_skip_limit' % func_name)
else:
stats_client.incr('%s.unknown_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
# provide the same api log/name attributes
request.api_key_log = False
request.api_key_name = None
return func(request, *args, **kwargs)
def closure(request, *args, **kwargs):
api_key = request.GET.get('key', None)
raven_client = request.registry.raven_client
stats_client = request.registry.stats_client
if api_key is None:
stats_client.incr('%s.no_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
session = request.db_ro_session
try:
result = session.execute(API_CHECK.bindparams(api_key=api_key))
found_key = result.fetchone()
except Exception: # pragma: no cover
# if we cannot connect to backend DB, skip api key check
raven_client.captureException()
stats_client.incr('%s.dbfailure_skip_api_key' % func_name)
return func(request, *args, **kwargs)
if found_key is not None:
maxreq, api_key_log, shortname = found_key
if not shortname: # pragma: no cover
shortname = api_key
# remember api key and shortname on the request
request.api_key_log = bool(api_key_log)
request.api_key_name = shortname
stats_client.incr('%s.api_key.%s' % (func_name, shortname))
should_limit = rate_limit(request.registry.redis_client,
api_key, maxreq=maxreq)
if should_limit:
result = HTTPForbidden()
result.content_type = 'application/json'
result.body = DAILY_LIMIT
return result
elif should_limit is None: # pragma: no cover
# We couldn't connect to Redis
stats_client.incr('%s.redisfailure_skip_limit' % func_name)
else:
stats_client.incr('%s.unknown_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
# provide the same api log/name attributes
request.api_key_log = False
request.api_key_name = None
return func(request, *args, **kwargs)
def closure(request, *args, **kwargs):
raven_client = request.registry.raven_client
stats_client = request.registry.stats_client
api_key = None
api_key_text = request.GET.get('key', None)
if api_key_text is None:
stats_client.incr('%s.no_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
try:
api_key = ApiKey.getkey(request.db_ro_session, api_key_text)
except Exception: # pragma: no cover
# if we cannot connect to backend DB, skip api key check
raven_client.captureException()
stats_client.incr('%s.dbfailure_skip_api_key' % func_name)
if api_key is not None:
stats_client.incr('%s.api_key.%s' % (func_name, api_key.name))
should_limit = rate_limit(request.registry.redis_client,
api_key_text,
maxreq=api_key.maxreq)
if should_limit:
response = HTTPForbidden()
response.content_type = 'application/json'
response.body = DAILY_LIMIT
return response
elif should_limit is None: # pragma: no cover
# We couldn't connect to Redis
stats_client.incr('%s.redisfailure_skip_limit' % func_name)
else:
stats_client.incr('%s.unknown_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey()
return func(request, api_key, *args, **kwargs)
def closure(request, *args, **kwargs):
api_key = request.GET.get('key', None)
heka_client = get_heka_client()
stats_client = request.registry.stats_client
if api_key is None:
stats_client.incr('%s.no_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
session = request.db_slave_session
try:
result = session.execute(API_CHECK.bindparams(api_key=api_key))
found_key = result.fetchone()
except Exception:
# if we cannot connect to backend DB, skip api key check
heka_client.raven(RAVEN_ERROR)
stats_client.incr('%s.dbfailure_skip_api_key' % func_name)
return func(request, *args, **kwargs)
if found_key is not None:
maxreq, shortname = found_key
if not shortname:
shortname = api_key
stats_client.incr('%s.api_key.%s' % (func_name, shortname))
should_limit = rate_limit(request.registry.redis_client,
api_key, maxreq=maxreq)
if should_limit:
result = HTTPForbidden()
result.content_type = 'application/json'
result.body = DAILY_LIMIT
return result
elif should_limit is None:
# We couldn't connect to Redis
stats_client.incr('%s.redisfailure_skip_limit' % func_name)
else:
stats_client.incr('%s.unknown_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
return func(request, *args, **kwargs)
def closure(request, *args, **kwargs):
raven_client = request.registry.raven_client
stats_client = request.registry.stats_client
api_key = None
api_key_text = request.GET.get('key', None)
if api_key_text is None:
stats_client.incr('%s.no_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
try:
api_key = ApiKey.getkey(request.db_ro_session, api_key_text)
except Exception: # pragma: no cover
# if we cannot connect to backend DB, skip api key check
raven_client.captureException()
stats_client.incr('%s.dbfailure_skip_api_key' % func_name)
if api_key is not None:
stats_client.incr('%s.api_key.%s' % (func_name, api_key.name))
should_limit = rate_limit(request.registry.redis_client,
api_key_text, maxreq=api_key.maxreq)
if should_limit:
response = HTTPForbidden()
response.content_type = 'application/json'
response.body = DAILY_LIMIT
return response
elif should_limit is None: # pragma: no cover
# We couldn't connect to Redis
stats_client.incr('%s.redisfailure_skip_limit' % func_name)
else:
stats_client.incr('%s.unknown_api_key' % func_name)
if error_on_invalidkey:
return invalid_api_key_response()
# If we failed to look up an ApiKey, create an empty one
# rather than passing None through
api_key = api_key or ApiKey()
return func(request, api_key, *args, **kwargs)
def forbidden(self):
response = HTTPForbidden()
response.content_type = 'application/json'
response.body = DAILY_LIMIT
return response
def make_403_error(message, realm="CIOC RPC"):
error = HTTPForbidden()
error.content_type = "text/plain"
error.text = message
return error
def make_403_error(message, realm='CIOC RPC'): error = HTTPForbidden() error.content_type = "text/plain" error.text = message return error
def forbidden(request):
response = HTTPForbidden()
response.content_type = 'application/json'
with open(path('forbidden.json')) as msg:
response.text = msg.read()
return response
