|
a/Allura/allura/controllers/rest.py |
|
b/Allura/allura/controllers/rest.py |
|
... |
|
... |
| 30 |
api_key = request.params.get('api_key')
|
30 |
api_key = request.params.get('api_key')
|
| 31 |
token = M.ApiTicket.get(api_key)
|
31 |
token = M.ApiTicket.get(api_key)
|
| 32 |
if not token:
|
32 |
if not token:
|
| 33 |
token = M.ApiToken.get(api_key)
|
33 |
token = M.ApiToken.get(api_key)
|
| 34 |
else:
|
34 |
else:
|
| 35 |
log.info('Authenticated with API ticket')
|
35 |
log.info('Authenticating with API ticket')
|
| 36 |
if token is not None and token.authenticate_request(request.path, request.params):
|
36 |
if token is not None and token.authenticate_request(request.path, request.params):
|
| 37 |
return token
|
37 |
return token
|
| 38 |
else:
|
38 |
else:
|
|
|
39 |
log.info('API authentication failure')
|
| 39 |
raise exc.HTTPForbidden
|
40 |
raise exc.HTTPForbidden
|
| 40 |
else:
|
41 |
else:
|
| 41 |
return None
|
42 |
return None
|
| 42 |
|
43 |
|
| 43 |
@expose()
|
44 |
@expose()
|