def safe_handler(*args, **kwargs):
session_token = request.args.get('session_token', '')
user_id = request.args.get('user_id', 0)
user = session.query(User).filter_by(user_id=user_id).first()
sleep_amount = random.random()/5
if user and utils.str_equal(user.session_token, session_token) and \
utils.to_timestamp(user.session_token_expires_at) > time.time():
return handler(*args, **kwargs)
else:
time.sleep(sleep_amount)
return ApiResponse(config.ACCESS_DENIED_MSG, status='403')
def safe_handler(*args, **kwargs):
session = db.Session()
session_token = request.args.get('session_token', '')
user_id = request.args.get('user_id', 0)
user = session.query(db.User).filter_by(user_id=user_id).first()
if user and utils.str_equal(user.session_token, session_token) and \
utils.to_timestamp(user.session_token_expires_at) > time.time():
response = handler(*args, **kwargs)
else:
response = ApiResponse(config.ACCESS_DENIED_MSG, status='403')
session.close()
return response
def safe_handler(*args, **kwargs):
session = db.Session()
session_token = request.args.get('session_token', '')
hospital_id = request.args.get('hospital_id', 0)
print hospital_id
hospital = session.query(db.Hospital).filter_by(_id=hospital_id).first()
if hospital and hospital.session_token and \
utils.str_equal(hospital.session_token, session_token):
response = handler(*args, **kwargs)
else:
response = ApiResponse(config.ACCESS_DENIED_MSG, status='403')
session.close()
return response
