def api_validate():
if not zk.get_login() and not zk.get_http_login():
resp = jsonify({"error": "Not authenticated", "error-num": 1})
resp.status_code = 401
return resp
if zk.get_http_login():
pass_ = hash_pass(request.authorization.username, request.authorization.password)
users = pysql().where('login', request.authorization.username.lower()).where('password', pass_).get('users')
if len(users) != 1:
resp = jsonify({"error": "Authication invalid", "error-num": 2})
resp.status_code = 401
return resp
return None
def user(): """Return a username of the current API user. If they're logged into the site, return the username, If they're not, return the HTTP authorization username. """ return request.authorization.username if zk.get_http_login() else zk.get_username()
