def health_check_ping():
'''
Used by load balancers to do health checks, if applicable. This default implementation
only checks for server reachability, but can be easily extended to check for more info
such as database connectivity.
'''
return rf.get_response('ALL_OK', '')
def bad_request(e):
return rf.get_response('BAD_REQUEST')
def internal_error(e):
return rf.get_response('INTERNAL_ERROR')
def request_entity_too_large(e):
return rf.get_response('REQUEST_ENTITY_TOO_LARGE')
def not_allowed(e):
return rf.get_response('NOT_ALLOWED')
def not_found(e):
return rf.get_response('NOT_FOUND')
def dispatch_request(self, *args, **kwargs):
'''
Main request handler method.
'''
try:
processing_start = time.time() # Keep track of time used per request, can be logged for monitoring
extra_request_info = {} # A dict used to keep track of information gathered on the request that are not part of the request obj itself (e.g. client info)
# Handler method check:
request_method = request.method.upper()
if request_method not in (self.allowed_methods + ('OPTIONS', 'HEAD')):
# HTTP method not allowed on this REST resource, log the request, then return the appropriate response with a list of allowed methods
self.__log_request(processing_start, extra_request_info, 'NOT_ALLOWED')
headers = {'Allow': sorted(request.url_rule.methods)}
return rf.get_response('NOT_ALLOWED', None, headers)
# Get the HTTP method handler function
handler_method = getattr(self, request_method.lower(), None)
if handler_method is None:
# The HTTP method handler function has not yet been created, but the method is allowed for the resource
self.__log_request(processing_start, extra_request_info, 'NOT_IMPLEMENTED')
return rf.get_response('NOT_IMPLEMENTED')
# Handle authentication:
authenticator = self.auth_methods.get(request_method, self.auth_methods['ALL'])
is_authorized, auth_data_obj = authenticator.is_authenticated()
extra_request_info['auth_data_obj'] = auth_data_obj # Attach the data obj returned by the authenticator for potential use and logging
if not is_authorized:
# Access denied, log the request and return the corresponding auth challenge response
self.__log_request(processing_start, extra_request_info, 'UNAUTHORIZED')
return authenticator.get_challenge()
# Handle request throttling:
method_throttle_options = self.throttle_options.get(request_method, self.throttle_options['ALL'])
throttler, throttle_override = method_throttle_options
is_throttled = throttler.throttle(self.__class__.__name__, throttle_override)
if is_throttled:
self.__log_request(processing_start, extra_request_info, 'THROTTLED')
return rf.get_response('THROTTLED')
# Response processing by the HTTP method handler function (actual API called here):
try:
handler_return = handler_method(auth_data_obj, *args, **kwargs)
except:
# Something went wrong with the handler's processing of the request. Log the error (possibly more detailed logging and
# notification can be added here) and return an error response.
self.__log_request(processing_start, extra_request_info, 'INTERNAL_ERROR')
return rf.get_response('INTERNAL_ERROR')
# Get API handler return data
response_name, response_data = handler_return[:2]
if response_name == 'UNAUTHORIZED' and response_data is None:
# The more advanced auth system in the handler denied access, log it, then propagate this to the client
self.__log_request(processing_start, extra_request_info, 'UNAUTHORIZED')
return authenticator.get_challenge()
response_headers = {}
# Check if the API handler pass along any custom headers to add to the response
if len(handler_return) == 3:
response_headers = handler_return[2]
response = rf.get_response(response_name, response_data, response_headers)
# Log this request (response_data can be added to extra_request_info if response data should be logged)
self.__log_request(processing_start, extra_request_info, response_name)
if app.debug:
# In debug mode, return the request processing time as a special header for reference
response.headers['Processing-Time'] = time.time() - processing_start
return response
except:
# Something went wrong with the RestView itself (very bad). Notification of the error can be added here.
return rf.get_response('INTERNAL_ERROR')
