def current_user(self, request=None) -> TypeVar('User'):
    """Resolve the User instance behind a request's Authorization header.

    Overrides the Auth version of this method. The header value is passed
    through this class's helpers in a fixed order: Base64 part extraction,
    Base64 decoding, credential splitting, then the user lookup.

    Args:
        request: the incoming request object; any falsy value short-circuits.

    Returns:
        None when no request is supplied, otherwise whatever
        ``user_object_from_credentials`` returns for the two credentials.
    """
    if not request:
        return None

    # NOTE(review): the header is read through a fresh Auth() rather than
    # through self -- confirm this is intended, since it bypasses any
    # authorization_header override defined on this class.
    raw_header = Auth().authorization_header(request)
    encoded_part = self.extract_base64_authorization_header(raw_header)
    decoded_part = self.decode_base64_authorization_header(encoded_part)
    credentials = self.extract_user_credentials(decoded_part)

    # No intermediate result is checked here; presumably each helper maps
    # malformed input to None and the lookup rejects it -- verify, because
    # indexing assumes extract_user_credentials always returns a pair.
    identifier = credentials[0]
    secret = credentials[1]
    return self.user_object_from_credentials(identifier, secret)
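from api.v1.views import app_views
from flask import Flask, jsonify, abort, request
from flask_cors import (CORS, cross_origin)
import os


app = Flask(__name__)
app.register_blueprint(app_views)
# NOTE(review): a wildcard origin lets any site read /api/v1/* responses
# from a browser. Restrict it to known origins if the API ever relies on
# ambient credentials such as cookies.
CORS(app, resources={r"/api/v1/*": {"origins": "*"}})
auth = None
app.config['JSONIFY_PRETTYPRINT_REGULAR'] = True

# Only the os module is imported, so the bare getenv() call raised
# NameError at import time; it has to be reached through os.
AUTH_TYPE = os.getenv("AUTH_TYPE")
if AUTH_TYPE == "auth":
    from api.v1.auth.auth import Auth
    auth = Auth()
elif AUTH_TYPE == "basic_auth":
    from api.v1.auth.basic_auth import BasicAuth
    auth = BasicAuth()
# NOTE(review): auth stays None when AUTH_TYPE is unset or has any other
# value. Whatever request hook consumes `auth` (not shown here) decides
# whether that means "no authentication" -- confirm it is deliberate.


@app.errorhandler(404)
def not_found(error) -> str:
    """ Not found handler """
    return jsonify({"error": "Not found"}), 404


# The listing is cut off inside the next handler's docstring; it is kept
# exactly as far as the page shows it.
@app.errorhandler(401)
def unauthorized_error(error) -> str:
    """ Request unauthorized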
#!/usr/bin/env python3
"""Main 0: print what a bare Auth instance reports when given no request."""
from api.v1.auth.auth import Auth

checker = Auth()

# The requested path is itself in the excluded list.
needs_auth = checker.require_auth("/api/v1/status/", ["/api/v1/status/"])
print(needs_auth)

# Both calls below rely on the methods' default arguments (no request).
header_value = checker.authorization_header()
print(header_value)

resolved_user = checker.current_user()
print(resolved_user)
#!/usr/bin/env python3
"""Main 1: print require_auth results for a table of path / exclusion cases."""
from api.v1.auth.auth import Auth

checker = Auth()

# (requested path, excluded paths) pairs, evaluated and printed in order.
# The table covers missing arguments, an empty exclusion list, a
# trailing-slash mismatch, unrelated paths and "*"-suffixed entries.
cases = [
    (None, None),
    (None, []),
    ("/api/v1/status/", []),
    ("/api/v1/status/", ["/api/v1/status/"]),
    ("/api/v1/status", ["/api/v1/status/"]),
    ("/api/v1/users", ["/api/v1/status/"]),
    ("/api/v1/users", ["/api/v1/status/", "/api/v1/stats"]),
    ("/api/v1/users", ["/api/v1/stat*"]),
    ("/api/v1/status", ["/api/v1/stat*"]),
    ("/api/v1/stats", ["/api/v1/stat*"]),
]

for requested_path, excluded in cases:
    print(checker.require_auth(requested_path, excluded))
#!/usr/bin/python3
"""Flask application module: builds the app and gates requests on auth."""
import os
from api.v1.auth.auth import Auth
from api.v1.auth.basic_auth import BasicAuth
from api.v1.views import app_views
from flask import abort, Flask, jsonify, request
from models import db_session

app = Flask(__name__)
app.url_map.strict_slashes = False
app.register_blueprint(app_views)

# The authenticator is chosen once at import time from the environment;
# any value other than 'basic_auth' selects the plain Auth class.
if os.getenv('HBNB_YELP_AUTH') == 'basic_auth':
    auth = BasicAuth()
else:
    auth = Auth()
host = os.getenv('HBNB_API_HOST')
port = os.getenv('HBNB_API_PORT')


@app.before_request
def bfr_req():
    """Reject unauthenticated requests before any view runs.

    Paths in the exclusion list pass through untouched. Every other
    request is aborted with 401 when no Authorization header is found,
    or with 403 when no user can be resolved from it.
    """
    open_paths = ['/api/v1/status/',
                  '/api/v1/unauthorized/',
                  '/api/v1/forbidden/']
    # Only an explicit False skips the checks; any other return value
    # from require_auth falls through to them, so the gate fails closed.
    auth_needed = auth.require_auth(request.path, open_paths)
    if auth_needed is False:
        return None

    header_value = auth.authorization_header(request)
    if header_value is None:
        abort(401)

    resolved_user = auth.current_user(request)
    if resolved_user is None:
        abort(403)
#!/usr/bin/env python3
"""Main 101: print require_auth results against one "*"-suffixed exclusion."""
from api.v1.auth.auth import Auth

checker = Auth()
excluded_paths = ["/api/v1/stat*"]

# The same exclusion list is reused for every probe, in this order.
for requested_path in ("/api/v1/users", "/api/v1/status", "/api/v1/stats"):
    print(checker.require_auth(requested_path, excluded_paths))
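#!/usr/bin/env python3
""" Check response """
if __name__ == "__main__":
    import sys

    from api.v1.auth.auth import Auth

    a = Auth()
    path = "/api/v1/users"
    paths_excluded = ["/api/v1/us*"]
    res = a.require_auth(path, paths_excluded)
    # The check fails on a truthy result, i.e. when the path is still
    # reported as requiring auth although "/api/v1/us*" is excluded
    # (presumably a trailing "*" is meant as a prefix wildcard). The
    # original message said "must return True", contradicting the test.
    if res:
        print("require_auth must return False: {} - {}".format(
            path, paths_excluded))
        # sys.exit instead of the site-provided exit(), which is not
        # guaranteed to exist in every interpreter configuration.
        sys.exit(1)
    print("OK", end="")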