diff options
| author |  jesopo | 2018-11-12 18:06:02 +0000 |
|---|---|---|
| committer | jesopo | 2018-11-12 18:06:02 +0000 |
| commit | a0e86f79c39ddde195ca75b4e83363ff2de87641 (patch) | |
| tree | 460b49227e07a53b89bf04241b8f000fb734717c /modules/rest_api.py | |
| parent | Change API keys to be hex representations of UUID4s, change their value in the (diff) | |
| signature | ||
Change API key checking on-request to match what the values should be in the
database (dict of '{"name": , "permissions": }')
Diffstat (limited to 'modules/rest_api.py')
| -rw-r--r-- | modules/rest_api.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/modules/rest_api.py b/modules/rest_api.py index 0bccb793..b4c35565 100644 --- a/modules/rest_api.py +++ b/modules/rest_api.py @@ -23,7 +23,8 @@ class Handler(http.server.BaseHTTPRequestHandler): hook = hooks[0] authenticated = hook.get_kwarg("authenticated", True) key = params.get("key", None) - permissions = _bot.get_setting("api-key-%s" % key, []) + key_setting = = _bot.get_setting("api-key-%s" % key, {}) + permissions = key_seting.get("permissions", []) if not authenticated or path in permissions or "*" in permissions: if path.startswith("/api/"): |