Process review comments (PR2464)

main
Dimitri Huisman 2 years ago committed by Alexander Graf
parent 61d092922c
commit 6347c18f8a
No known key found for this signature in database
GPG Key ID: B8A9DC143E075629

@ -11,7 +11,8 @@ def fqdn_in_use(name):
d = models.db.session.query(label('name', models.Domain.name)) d = models.db.session.query(label('name', models.Domain.name))
a = models.db.session.query(label('name', models.Alternative.name)) a = models.db.session.query(label('name', models.Alternative.name))
r = models.db.session.query(label('name', models.Relay.name)) r = models.db.session.query(label('name', models.Relay.name))
if d.union_all(a).union_all(r).filter_by(name=name).count() > 0: u = d.union_all(a).union_all(r).filter_by(name=name)
if models.db.session.query(u.exists()).scalar():
return True return True
return False return False
@ -23,11 +24,19 @@ def api_token_authorization(func):
if utils.limiter.should_rate_limit_ip(client_ip): if utils.limiter.should_rate_limit_ip(client_ip):
abort(429, 'Too many attempts from your IP (rate-limit)' ) abort(429, 'Too many attempts from your IP (rate-limit)' )
if not request.headers.get('Authorization'): if not request.headers.get('Authorization'):
abort(401, 'A valid API token is expected which is provided as request header') abort(401, 'A valid Bearer token is expected which is provided as request header')
if not hmac.compare_digest(request.headers.get('Authorization'), v1.api_token): #Client provides 'Authentication: Bearer <token>'
if (' ' in request.headers.get('Authorization')
and not hmac.compare_digest(request.headers.get('Authorization'), 'Bearer ' + v1.api_token)):
utils.limiter.rate_limit_ip(client_ip) utils.limiter.rate_limit_ip(client_ip)
flask.current_app.logger.warn(f'Invalid API token provided by {client_ip}.') flask.current_app.logger.warn(f'Invalid API token provided by {client_ip}.')
abort(403, 'A valid API token is expected which is provided as request header') abort(403, 'A valid Bearer token is expected which is provided as request header')
#Client provides 'Authentication: <token>'
elif (' ' not in request.headers.get('Authorization')
and not hmac.compare_digest(request.headers.get('Authorization'), v1.api_token)):
utils.limiter.rate_limit_ip(client_ip)
flask.current_app.logger.warn(f'Invalid API token provided by {client_ip}.')
abort(403, 'A valid Bearer token is expected which is provided as request header')
flask.current_app.logger.info(f'Valid API token provided by {client_ip}.') flask.current_app.logger.info(f'Valid API token provided by {client_ip}.')
return func(*args, **kwds) return func(*args, **kwds)
return decorated_function return decorated_function
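Review bot: Both `hmac.compare_digest` calls in `api_token_authorization` receive the raw `Authorization` header as `str`, and `compare_digest` raises `TypeError` when a `str` argument contains non-ASCII characters. Such a header would end in an unhandled error rather than a 403, and `utils.limiter.rate_limit_ip(client_ip)` would not be reached for that attempt. Comparing bytes avoids this, and stripping the optional `Bearer ` prefix first lets the two duplicated branches collapse into one check. The new comments also name the header `Authentication` where the code reads `Authorization`. The decorator's body starts above this hunk, so whether an outer handler already catches the exception is not visible here.

```python
# … unchanged: rate-limit check and the 401 for a missing header …
# Accept both 'Authorization: Bearer <token>' and 'Authorization: <token>'
presented = request.headers.get('Authorization')
if presented.startswith('Bearer '):
    presented = presented[len('Bearer '):]
# bytes on both sides: compare_digest rejects non-ASCII str input
if not hmac.compare_digest(presented.encode('utf-8'), v1.api_token.encode('utf-8')):
    # … unchanged: rate_limit_ip, warning log and abort(403) …
```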

@ -401,10 +401,10 @@ class Alternative(Resource):
""" Delete alternative (for domain) """ """ Delete alternative (for domain) """
if not validators.domain(alt): if not validators.domain(alt):
return { 'code': 400, 'message': f'Alternative domain {alt} is not a valid domain'}, 400 return { 'code': 400, 'message': f'Alternative domain {alt} is not a valid domain'}, 400
alternative = models.Alternative.query.filter_by(name=alt).first alternative = models.Alternative.query.filter_by(name=alt).scalar()
if not alternative: if not alternative:
return { 'code': 404, 'message': f'Alternative domain {alt} does not exist'}, 404 return { 'code': 404, 'message': f'Alternative domain {alt} does not exist'}, 404
domain = alternative.domain domain = alternative.domain_name
db.session.delete(alternative) db.session.delete(alternative)
db.session.commit() db.session.commit()
return {'code': 200, 'message': f'Alternative {alt} for domain {domain} has been deleted'}, 200 return {'code': 200, 'message': f'Alternative {alt} for domain {domain} has been deleted'}, 200
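Review bot: The lookup in the delete handler now ends in `.scalar()`, which returns the entity here but raises `MultipleResultsFound` if more than one row matches and reads as though a single column value were expected. `models.Alternative.query.filter_by(name=alt).one_or_none()` (or `.first()`) states the intent of "zero or one row" more directly; whether `name` is unique is not visible in this hunk. `db.session.commit()` also runs without a rollback on failure, so a short comment saying where that is handled would help. The method's signature lies outside the hunk.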
