summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2019-10-23 13:09:51 +0200
committerDaniil Baturin <daniil@baturin.org>2019-10-23 13:09:51 +0200
commitd286592732fbebee3676912387d4512733b296b3 (patch)
tree43ede31013318397118595d7e45cf4cda815b3d8 /src
parent967067970494c1800f028e5a44ff2fc9e39eabb9 (diff)
downloadvyos-1x-d286592732fbebee3676912387d4512733b296b3.tar.gz
vyos-1x-d286592732fbebee3676912387d4512733b296b3.zip
[HTTP API] Use a decorator for functions that require authentication.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/services/vyos-http-api-server29
1 files changed, 16 insertions, 13 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server
index afab9be70..63e67e855 100755
--- a/src/services/vyos-http-api-server
+++ b/src/services/vyos-http-api-server
@@ -27,6 +27,8 @@ import vyos.config
import bottle
+from functools import wraps
+
from vyos.configsession import ConfigSession, ConfigSessionError
from vyos.config import VyOSError
@@ -61,16 +63,23 @@ def success(data):
resp = {"success": True, "data": data, "error": None}
return json.dumps(resp)
+def auth_required(f):
+ @wraps(f)
+ def decorated_function(*args, **kwargs):
+ key = bottle.request.forms.get("key")
+ api_keys = app.config['vyos_keys']
+ id = check_auth(api_keys, key)
+ if not id:
+ return error(401, "Valid API key is required")
+ return f(*args, **kwargs)
+
+ return decorated_function
+
@app.route('/configure', method='POST')
+@auth_required
def configure():
session = app.config['vyos_session']
config = app.config['vyos_config']
- api_keys = app.config['vyos_keys']
-
- key = bottle.request.forms.get("key")
- id = check_auth(api_keys, key)
- if not id:
- return error(401, "Valid API key is required")
strict_field = bottle.request.forms.get("strict")
if strict_field == "true":
@@ -177,17 +186,11 @@ def configure():
return success(None)
@app.route('/retrieve', method='POST')
+@auth_required
def get_value():
config = app.config['vyos_config']
session = app.config['vyos_session']
- api_keys = app.config['vyos_keys']
-
- key = bottle.request.forms.get("key")
- id = check_auth(api_keys, key)
- if not id:
- return error(401, "Valid API key is required")
-
command = bottle.request.forms.get("data")
command = json.loads(command)