def checkCommunityUser():
""" Checks if community credentials are used
"""
postdata = request.data.decode('utf-8')
if len(postdata) == 0:
app.logger.error('no xml post data in request')
return abort(403)
else:
root = ETdefused.fromstring(postdata)
user_data = root.find("./Authentication/username")
pass_data = root.find("./Authentication/token")
if user_data is None or pass_data is None:
app.logger.error('Invalid XML: token not present or empty')
return abort(403)
username = user_data.text
password = pass_data.text
if username == app.config['COMMUNITYUSER'] and password == app.config['COMMUNITYTOKEN']:
return True
if not authenticate(username, password):
app.logger.error("simplePostMessage-Authentication failure for user %s", username)
return abort(403)
return False
评论列表
文章目录
