darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-01-30 06:21:50 -05:00
Code Issues Packages Projects Releases Wiki Activity

refactor authentication code

Browse Source 
moved api_key secret manipulation (generating and getting) into
authentiation/utils, and added a property on the model, to facilitate
easier matching of authenticated requests and the api keys they used
This commit is contained in:
Leo Hemsted
2016-06-29 14:15:32 +01:00
parent 18b30de452
commit adbe02783d
7 changed files with 36 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/authentication/auth.py
View File

@@ -1,10 +1,8 @@
from flask import request, jsonify, _request_ctx_stack, current_app
from notifications_python_client.authentication import decode_jwt_token, get_token_issuer
from notifications_python_client.errors import TokenDecodeError, TokenExpiredError
from werkzeug.exceptions import abort
from app.dao.api_key_dao import get_unsigned_secrets
from app import api_user
from functools import wraps
def authentication_response(message, code):

12
app/authentication/utils.py Normal file
View File

@@ -0,0 +1,12 @@
from flask import current_app
from itsdangerous import URLSafeSerializer
def get_secret(secret):
serializer = URLSafeSerializer(current_app.config.get('SECRET_KEY'))
return serializer.loads(secret, salt=current_app.config.get('DANGEROUS_SALT'))
def generate_secret(token):
serializer = URLSafeSerializer(current_app.config.get('SECRET_KEY'))
return serializer.dumps(str(token), current_app.config.get('DANGEROUS_SALT'))