Allow API endpoints to not request authentication
This commit is contained in:
jesopo
parent
f31fdc48b3
commit
e5f475cdeb
1 changed files with 22 additions and 15 deletions
|
|
@ -13,20 +13,27 @@ class Handler(http.server.BaseHTTPRequestHandler):
|
||||||
query = parsed.query
|
query = parsed.query
|
||||||
get_params = urllib.parse.parse_qs(query)
|
get_params = urllib.parse.parse_qs(query)
|
||||||
|
|
||||||
response = ""
|
|
||||||
code = 404
|
|
||||||
|
|
||||||
if not "key" in get_params or not _bot.get_setting(
|
|
||||||
"api-key-%s" % get_params["key"][0], False):
|
|
||||||
code = 401
|
|
||||||
else:
|
|
||||||
if parsed.path.startswith("/api/"):
|
|
||||||
_, _, endpoint = parsed.path[1:].partition("/")
|
_, _, endpoint = parsed.path[1:].partition("/")
|
||||||
endpoint, _, args = endpoint.partition("/")
|
endpoint, _, args = endpoint.partition("/")
|
||||||
args = list(filter(None, args.split("/")))
|
args = list(filter(None, args.split("/")))
|
||||||
|
|
||||||
response = _events.on("api").on(endpoint).call_for_result(
|
response = ""
|
||||||
params=get_params, path=args)
|
code = 404
|
||||||
|
|
||||||
|
hooks = _events.on("api").on(endpoint).get_hooks()
|
||||||
|
if hooks:
|
||||||
|
hook = hooks[0]
|
||||||
|
authenticated = hook.get_kwarg("authenticated", True)
|
||||||
|
key = get_params.get("key", None)
|
||||||
|
print(key)
|
||||||
|
if authenticated and (
|
||||||
|
not key or
|
||||||
|
not _bot.get_setting("api-key-%s" % key[0], False)):
|
||||||
|
code = 401
|
||||||
|
else:
|
||||||
|
if parsed.path.startswith("/api/"):
|
||||||
|
response = _events.on("api").on(endpoint
|
||||||
|
).call_for_result(params=get_params, path=args)
|
||||||
|
|
||||||
if response:
|
if response:
|
||||||
response = json.dumps(response, sort_keys=True,
|
response = json.dumps(response, sort_keys=True,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue