def process_request(self, request):
headers = request.headers
project_id = headers.get('X-Auth-Project')
if not uuidutils.is_uuid_like(project_id):
raise exceptions.AuthenticationError(
message="Project ID ('{}') is not a valid UUID".format(
project_id
)
)
ctx = self.make_context(
request,
auth_token=headers.get('X-Auth-Token', None),
user=headers.get('X-Auth-User', None),
tenant=project_id,
)
# NOTE(sulo): this means every api call hits the db
# at least once for auth. Better way to handle this?
try:
user_info = dbapi.get_user_info(ctx,
headers.get('X-Auth-User', None))
if user_info.api_key != headers.get('X-Auth-Token', None):
raise exceptions.AuthenticationError
if user_info.is_root:
ctx.is_admin = True
ctx.is_admin_project = True
elif user_info.is_admin:
ctx.is_admin = True
ctx.is_admin_project = False
else:
ctx.is_admin = False
ctx.is_admin_project = False
except exceptions.NotFound:
raise exceptions.AuthenticationError
评论列表
文章目录
