From e5f475cdeb76acf47b30a4614cbb31918361b3d9 Mon Sep 17 00:00:00 2001 From: jesopo Date: Thu, 4 Oct 2018 17:59:24 +0100 Subject: Allow API endpoints to not request authentication --- modules/rest_api.py | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) (limited to 'modules') diff --git a/modules/rest_api.py b/modules/rest_api.py index dfdb0746..c97b5baf 100644 --- a/modules/rest_api.py +++ b/modules/rest_api.py @@ -13,25 +13,32 @@ class Handler(http.server.BaseHTTPRequestHandler): query = parsed.query get_params = urllib.parse.parse_qs(query) + _, _, endpoint = parsed.path[1:].partition("/") + endpoint, _, args = endpoint.partition("/") + args = list(filter(None, args.split("/"))) + response = "" code = 404 - if not "key" in get_params or not _bot.get_setting( - "api-key-%s" % get_params["key"][0], False): - code = 401 - else: - if parsed.path.startswith("/api/"): - _, _, endpoint = parsed.path[1:].partition("/") - endpoint, _, args = endpoint.partition("/") - args = list(filter(None, args.split("/"))) - - response = _events.on("api").on(endpoint).call_for_result( - params=get_params, path=args) + hooks = _events.on("api").on(endpoint).get_hooks() + if hooks: + hook = hooks[0] + authenticated = hook.get_kwarg("authenticated", True) + key = get_params.get("key", None) + print(key) + if authenticated and ( + not key or + not _bot.get_setting("api-key-%s" % key[0], False)): + code = 401 + else: + if parsed.path.startswith("/api/"): + response = _events.on("api").on(endpoint + ).call_for_result(params=get_params, path=args) - if response: - response = json.dumps(response, sort_keys=True, - indent=4) - code = 200 + if response: + response = json.dumps(response, sort_keys=True, + indent=4) + code = 200 self.send_response(code) self.send_header("Content-type", "application/json") -- cgit v1.3.1-10-gc9f91