def userid_request_property(request):
"""
Used for the userid property on weasyl requests.
"""
api_token = request.headers.get('X_WEASYL_API_KEY')
authorization = request.headers.get('AUTHORIZATION')
if api_token is not None:
# TODO: If reification of userid becomes an issue (e.g. because of userid changing after sign-in) revisit this.
# It's possible that we don't need to reify the entire property, but just cache the result of this query in a
# cache on arguments inner function.
userid = d.engine.scalar("SELECT userid FROM api_tokens WHERE token = %(token)s", token=api_token)
if not userid:
raise HTTPUnauthorized(www_authenticate=('Weasyl-API-Key', 'realm="Weasyl"'))
return userid
elif authorization:
from weasyl.oauth2 import get_userid_from_authorization
userid = get_userid_from_authorization(request)
if not userid:
raise HTTPUnauthorized(www_authenticate=('Bearer', 'realm="Weasyl" error="invalid_token"'))
return userid
else:
userid = request.weasyl_session.userid
return 0 if userid is None else userid
评论列表
文章目录
