archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Validate authentication token on every request.

Browse Source
This commit is contained in:
Sybren A. Stüvel 2016-03-31 11:10:01 +02:00
parent 9bdba2bc15
commit 56bf30c722
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pillar/application/__init__.py
View File

@ -153,15 +153,18 @@ from modules.projects import before_inserting_projects
from modules.projects import after_inserting_projects from modules.projects import after_inserting_projects
@app.before_request
def validate_token_at_every_request():
validate_token()
def before_returning_item_permissions(response): def before_returning_item_permissions(response):
# Run validation process, since GET on nodes entry point is public # Run validation process, since GET on nodes entry point is public
validate_token()
check_permissions(response, 'GET', append_allowed_methods=True) check_permissions(response, 'GET', append_allowed_methods=True)
def before_returning_resource_permissions(response): def before_returning_resource_permissions(response):
for item in response['_items']: for item in response['_items']:
validate_token()
check_permissions(item, 'GET', append_allowed_methods=True) check_permissions(item, 'GET', append_allowed_methods=True)