diff options
author | Daniil Baturin <daniil@baturin.org> | 2019-10-23 13:09:51 +0200 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2019-10-23 13:09:51 +0200 |
commit | d286592732fbebee3676912387d4512733b296b3 (patch) | |
tree | 43ede31013318397118595d7e45cf4cda815b3d8 /src/services | |
parent | 967067970494c1800f028e5a44ff2fc9e39eabb9 (diff) | |
download | vyos-1x-d286592732fbebee3676912387d4512733b296b3.tar.gz vyos-1x-d286592732fbebee3676912387d4512733b296b3.zip |
[HTTP API] Use a decorator for functions that require authentication.
Diffstat (limited to 'src/services')
-rwxr-xr-x | src/services/vyos-http-api-server | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index afab9be70..63e67e855 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -27,6 +27,8 @@ import vyos.config import bottle +from functools import wraps + from vyos.configsession import ConfigSession, ConfigSessionError from vyos.config import VyOSError @@ -61,16 +63,23 @@ def success(data): resp = {"success": True, "data": data, "error": None} return json.dumps(resp) +def auth_required(f): + @wraps(f) + def decorated_function(*args, **kwargs): + key = bottle.request.forms.get("key") + api_keys = app.config['vyos_keys'] + id = check_auth(api_keys, key) + if not id: + return error(401, "Valid API key is required") + return f(*args, **kwargs) + + return decorated_function + @app.route('/configure', method='POST') +@auth_required def configure(): session = app.config['vyos_session'] config = app.config['vyos_config'] - api_keys = app.config['vyos_keys'] - - key = bottle.request.forms.get("key") - id = check_auth(api_keys, key) - if not id: - return error(401, "Valid API key is required") strict_field = bottle.request.forms.get("strict") if strict_field == "true": @@ -177,17 +186,11 @@ def configure(): return success(None) @app.route('/retrieve', method='POST') +@auth_required def get_value(): config = app.config['vyos_config'] session = app.config['vyos_session'] - api_keys = app.config['vyos_keys'] - - key = bottle.request.forms.get("key") - id = check_auth(api_keys, key) - if not id: - return error(401, "Valid API key is required") - command = bottle.request.forms.get("data") command = json.loads(command) |