def render(self, request: Request) -> bytes:
"""We're adding some CORS headers for future use, also we're sending content-type
"""
request.setHeader('content-type', 'application/json')
acrm = request.getHeader('access-control-request-method')
if acrm:
request.setHeader('Access-Control-Allow-Methods', acrm)
acrh = request.getHeader('access-control-request-headers')
if acrh:
request.setHeader('Access-Control-Allow-Headers', acrh)
origin = request.getHeader('origin')
if origin:
request.setHeader('Access-Control-Allow-Origin', origin)
return super(ChatResource, self).render(request)
async def _async_render_POST(self, request: Request) -> None:
requester = await self.auth.get_user_by_req(request)
# TODO: The checks here are a bit late. The content will have
# already been uploaded to a tmp file at this point
content_length = request.getHeader("Content-Length")
if content_length is None:
raise SynapseError(msg="Request must specify a Content-Length",
code=400)
if int(content_length) > self.max_upload_size:
raise SynapseError(
msg="Upload request body is too large",
code=413,
errcode=Codes.TOO_LARGE,
)
upload_name = parse_string(request, b"filename", encoding=None)
if upload_name:
try:
upload_name = upload_name.decode("utf8")
except UnicodeDecodeError:
raise SynapseError(msg="Invalid UTF-8 filename parameter: %r" %
(upload_name),
code=400)
# If the name is falsey (e.g. an empty byte string) ensure it is None.
else:
upload_name = None
headers = request.requestHeaders
if headers.hasHeader(b"Content-Type"):
media_type = headers.getRawHeaders(b"Content-Type")[0].decode(
"ascii")
else:
raise SynapseError(msg="Upload request missing 'Content-Type'",
code=400)
# if headers.hasHeader(b"Content-Disposition"):
# disposition = headers.getRawHeaders(b"Content-Disposition")[0]
# TODO(markjh): parse content-dispostion
try:
content_uri = await self.media_repo.create_content(
media_type, upload_name, request.content, content_length,
requester.user)
except SpamMediaException:
# For uploading of media we want to respond with a 400, instead of
# the default 404, as that would just be confusing.
raise SynapseError(400, "Bad content")
logger.info("Uploaded content with URI %r", content_uri)
respond_with_json(request,
200, {"content_uri": content_uri},
send_cors=True)
def check_auth(self, request: Request) -> Union[bytes, User]:
"""Checks is user submitted access token and this token is valid
"""
raw_auth = request.getHeader('authorization')
auth = raw_auth.split()
if len(auth) == 2:
if auth[1] in web_users_by_token:
web_users_by_token[auth[1]]['updated'] = time()
return web_users_by_token[auth[1]]['user']
return self.abort(request, 401, "You're not authorized")
def _redirectOrJSON(result, request: http.Request, url: urlpath.URLPath, data):
try:
if request.getHeader('x-requested-with') == 'XMLHttpRequest':
request.write(json.dumps(data).encode('utf-8'))
if not request.notifyFinish().called:
request.finish()
return
except:
pass
request.redirect(str(url).encode('ascii'))
request.finish()
