
implemented cookie-based and Authorization header-based authentication

Paul Liverman III 6 years ago
parent
commit
27c6209ae5
1 changed files with 5 additions and 5 deletions
  1. 5
    5
      applications/api.moon

+ 5
- 5
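--- a/applications/api.moon
+++ b/applications/api.moon
@@ -12,17 +12,17 @@ class API extends Application
   @name: "api_"
 
   @before_filter( api_request =>
-    -- TODO implement Authorization: api_key VALUE as acceptable method to send api_key
-    abort "api_key not specified." unless @params.api_key -- this does not seem to be triggering!!!
+    return if @user
+    if auth = @req.headers["authorization"]
+      if auth\len! > 0
+        @params.api_key = auth
+    abort "api_key not specified." unless @params.api_key
     @api_key = APIKeys\find key: @params.api_key
     abort "Invalid api_key" unless @api_key
     @user = Users\find id: @api_key.user_id
     abort "Invalid api_key." unless @user -- NOTE this should also delete the api_key and error (this should never happen!)
   )
 
-  [err_test: "/err"]: api_request =>
-    error "this is a testing error"
-
   [new: "/new"]: api_request =>
     assert_valid @params, {
       {"content", exists: true, min_length: 1, "Task content not specified."}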
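Review bot: The early `return if @user` lets a request authenticated only by the session cookie skip the api_key check, so every state-changing route behind this filter (such as `/new`) is exposed to cross-site request forgery unless a CSRF token is verified somewhere not visible in this hunk; that path also leaves `@api_key` unset for any handler that reads it. The header branch copies the entire `Authorization` value into `@params.api_key`, while the removed TODO described the form `Authorization: api_key VALUE`, so the scheme should be parsed off and any other form rejected, for example `key = auth\match "^api_key%s+(%S+)$"` followed by `@params.api_key = key if key`. The API class starts and continues outside the hunk, so the assumption that `@user` is populated from the cookie is inferred from the commit title rather than from visible code.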