Add api key checking
All checks were successful
ci/woodpecker/manual/woodpecker Pipeline was successful
parent
71bb9694bc
commit
d3ce95f7ba
@ -21,6 +21,8 @@ spec:
|
|||||||
- name: inventory-app
|
- name: inventory-app
|
||||||
image: inventory-app
|
image: inventory-app
|
||||||
env:
|
env:
|
||||||
|
- name: INVENTORY_API_KEY
|
||||||
|
value: "sptWL6XFxl4b8"
|
||||||
- name: PYTHONUNBUFFERED
|
- name: PYTHONUNBUFFERED
|
||||||
value: "1"
|
value: "1"
|
||||||
- name: RECAPTCHA_PUBLIC_KEY
|
- name: RECAPTCHA_PUBLIC_KEY
|
||||||
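Review bot: The added `INVENTORY_API_KEY` entry stores the key as a literal `value:` in the manifest, so the credential is readable by anyone with access to the repository and its history. Source it from a Kubernetes Secret instead, for example `valueFrom: {secretKeyRef: {name: <secret-name>, key: <key-name>}}` (both names are placeholders). The committed key should also be rotated, because deleting it from the file later does not remove it from git history. The container spec continues outside the hunk.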
|
@ -1,4 +1,7 @@
|
|||||||
|
import os
|
||||||
|
import re
|
||||||
import const
|
import const
|
||||||
|
from functools import wraps
|
||||||
from pymongo import MongoClient
|
from pymongo import MongoClient
|
||||||
from flask import Blueprint, abort, g, make_response, redirect, render_template, request, jsonify
|
from flask import Blueprint, abort, g, make_response, redirect, render_template, request, jsonify
|
||||||
from common import CustomForm, build_query, flatten, format_name, spam
|
from common import CustomForm, build_query, flatten, format_name, spam
|
||||||
@ -6,6 +9,17 @@ from kubernetes import client, config
|
|||||||
|
|
||||||
page_api = Blueprint("api", __name__)
|
page_api = Blueprint("api", __name__)
|
||||||
db = MongoClient(const.MONGO_URI).get_default_database()
|
db = MongoClient(const.MONGO_URI).get_default_database()
|
||||||
|
api_key = os.getenv("INVENTORY_API_KEY")
|
||||||
|
|
||||||
|
def check_api_key(f):
|
||||||
|
@wraps(f)
|
||||||
|
def decorated_function(*args, **kwargs):
|
||||||
|
request_key = request.headers.get('Authorization', False)
|
||||||
|
found_key = re.search(r"Basic (.*)", request_key).group(1)
|
||||||
|
if not found_key or found_key != api_key:
|
||||||
|
return "nope", 403
|
||||||
|
return f(*args, **kwargs)
|
||||||
|
return decorated_function
|
||||||
|
|
||||||
def get_users():
|
def get_users():
|
||||||
config.load_incluster_config()
|
config.load_incluster_config()
|
||||||
@ -17,12 +31,14 @@ def get_users():
|
|||||||
return resp
|
return resp
|
||||||
|
|
||||||
@page_api.route("/users")
|
@page_api.route("/users")
|
||||||
|
@check_api_key
|
||||||
def view_users():
|
def view_users():
|
||||||
resp = get_users()
|
resp = get_users()
|
||||||
print(resp)
|
print(resp)
|
||||||
return jsonify(resp)
|
return jsonify(resp)
|
||||||
|
|
||||||
@page_api.route("/cards", methods=["POST"])
|
@page_api.route("/cards", methods=["POST"])
|
||||||
|
@check_api_key
|
||||||
def get_group_cards():
|
def get_group_cards():
|
||||||
groups = request.json.get("groups", False)
|
groups = request.json.get("groups", False)
|
||||||
if not groups:
|
if not groups:
|
||||||
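Review bot: In `check_api_key`, a request with no `Authorization` header, or one that does not match `Basic (.*)`, raises inside the decorator (`re.search` is handed `False`, or `.group(1)` is called on `None`), so the caller gets a 500 instead of the intended 403. The key is also compared with `!=`, which is not constant-time; `hmac.compare_digest` on the encoded bytes avoids that and needs `import hmac` added next to the other imports. The rewrite below keeps the `"nope", 403` response and also fails closed when `INVENTORY_API_KEY` is unset or empty. Separately, the `Basic` scheme normally carries base64 `user:password`, so a `Bearer` scheme or a dedicated header would be less surprising to clients, though that changes the client contract.

```python
def decorated_function(*args, **kwargs):
    header = request.headers.get("Authorization", "")
    match = re.fullmatch(r"Basic (.+)", header)
    supplied = match.group(1) if match else ""
    # Fail closed on a missing/malformed header or an unset key; compare in constant time.
    if not api_key or not supplied or not hmac.compare_digest(
        supplied.encode(), api_key.encode()
    ):
        return "nope", 403
    return f(*args, **kwargs)
```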
|