kallithea Changeset - 60249224be04

Changeset - 60249224be04

Parent rev.

Child rev.

[Not reviewed]

beta

0 4 0

Marcin Kuzminski - 14 years ago 2011-11-17 17:52:48
marcin@python-works.com

fix for api key lookup, reuse same function in user model

4 files changed with 6 insertions and 11 deletions:

rhodecode/controllers/api/__init__.py

rhodecode/model/db.py

rhodecode/model/user.py

rhodecode/tests/functional/test_login.py

0 comments (0 inline, 0 general)

rhodecode/controllers/api/__init__.py

➞

Show inline comments

@@ @@ -111,26 +111,28 @@ class JSONRPCController(WSGIController): @@
             json_body = json.loads(urllib.unquote_plus(raw_body))
         except ValueError, e:
             #catch JSON errors Here
             return jsonrpc_error(message="JSON parse error ERR:%s RAW:%r" \
                                  % (e, urllib.unquote_plus(raw_body)))
         #check AUTH based on API KEY
+        # check AUTH based on API KEY
         try:
             self._req_api_key = json_body['api_key']
             self._req_method = json_body['method']
             self._req_params = json_body['args']
             log.debug('method: %s, params: %s',
                       self._req_method,
                       self._req_params)
         except KeyError, e:
             return jsonrpc_error(message='Incorrect JSON query missing %s' % e)
         #check if we can find this session using api_key
+        # check if we can find this session using api_key
         try:
             u = User.get_by_api_key(self._req_api_key)
             if u is None:
                 return jsonrpc_error(message='Invalid API KEY')
             auth_u = AuthUser(u.user_id, self._req_api_key)
         except Exception, e:
             return jsonrpc_error(message='Invalid API KEY')
         self._error = None
         try:

rhodecode/model/db.py

➞

Show inline comments

@@ @@ -321,13 +321,13 @@ class User(Base, BaseModel): @@
     def get_by_api_key(cls, api_key, cache=False):
         q = cls.query().filter(cls.api_key == api_key)
         if cache:
             q = q.options(FromCache("sql_cache_short",
                                     "get_api_key_%s" % api_key))
-        q.one()
+        return q.scalar()
     def update_lastlogin(self):
         """Update user lastlogin"""
         self.last_login = datetime.datetime.now()
         Session.add(self)

rhodecode/model/user.py

➞

Show inline comments

@@ @@ -67,19 +67,13 @@ class UserModel(BaseModel): @@
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % username))
         return user.scalar()
     def get_by_api_key(self, api_key, cache=False):
         user = self.sa.query(User)\
                 .filter(User.api_key == api_key)
         if cache:
             user = user.options(FromCache("sql_cache_short",
                                           "get_user_%s" % api_key))
         return user.scalar()
         return User.get_by_api_key(api_key, cache)
     def create(self, form_data):
         try:
             new_user = User()
             for k, v in form_data.items():
                 setattr(new_user, k, v)

rhodecode/tests/functional/test_login.py

➞

Show inline comments

@@ @@ -244,13 +244,12 @@ class TestLoginController(TestController @@
         self.assertEqual(response.status, '302 Found')
         self.assertTrue(response.location.endswith(url('reset_password')))
         # GOOD KEY
         key = User.get_by_username(username).api_key
         response = self.app.get(url(controller='login',
                                     action='password_reset_confirmation',
                                     key=key))
         self.assertEqual(response.status, '302 Found')
         self.assertTrue(response.location.endswith(url('login_home')))

0 comments (0 inline, 0 general)