tmp/simplex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

implemented cookie-based and Authorization header-based authentication

Browse Source
This commit is contained in:
Paul Liverman III 2018-04-24 18:43:07 -07:00
parent 813de065fe
commit 27c6209ae5
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
applications/api.moon
View File

@ -12,17 +12,17 @@ class API extends Application
@name: "api_"
@before_filter( api_request =>
-- TODO implement Authorization: api_key VALUE as acceptable method to send api_key
abort "api_key not specified." unless @params.api_key -- this does not seem to be triggering!!!
return if @user
if auth = @req.headers["authorization"]
if auth\len! > 0
@params.api_key = auth
abort "api_key not specified." unless @params.api_key
@api_key = APIKeys\find key: @params.api_key
abort "Invalid api_key" unless @api_key
@user = Users\find id: @api_key.user_id
abort "Invalid api_key." unless @user -- NOTE this should also delete the api_key and error (this should never happen!)
)
[err_test: "/err"]: api_request =>
error "this is a testing error"
[new: "/new"]: api_request =>
assert_valid @params, {
{"content", exists: true, min_length: 1, "Task content not specified."}