misc: optimize check of auth_token
This commit is contained in:
parent
f50c2d0ea9
commit
f6466af00c
|
@ -31,7 +31,7 @@ auto-procname = true
|
|||
procname-prefix-spaced = ants-hub
|
||||
master = true
|
||||
enable-threads = true
|
||||
listen = 1000
|
||||
listen = 300
|
||||
processes = 5
|
||||
pidfile = $TOX_WORK_DIR/uwsgi.pid
|
||||
http-socket = 127.0.0.1:9040
|
||||
|
|
|
@ -5,6 +5,8 @@ import datetime
|
|||
import functools
|
||||
import logging
|
||||
import secrets
|
||||
import sys
|
||||
import time
|
||||
import zoneinfo
|
||||
|
||||
from django.http import JsonResponse
|
||||
|
@ -22,15 +24,25 @@ def format_date_ants(dt):
|
|||
return dt.astimezone(ANTS_TIMEZONE).isoformat().split('+')[0] + 'Z'
|
||||
|
||||
|
||||
AUTH_TOKEN = None
|
||||
AUTH_TOKEN_TIME = None
|
||||
|
||||
|
||||
def authenticate(func):
|
||||
@functools.wraps(func)
|
||||
def wrapper(request, *args, **kwargs):
|
||||
global AUTH_TOKEN, AUTH_TOKEN_TIME # pylint: disable=global-statement
|
||||
|
||||
if not request.user.is_authenticated:
|
||||
header = request.headers.get('X-Hub-Rdv-Auth-Token', '')
|
||||
if not header:
|
||||
logger.warning('authentication failed, missing header X-HUB-RDV-AUTH-TOKEN')
|
||||
return JsonResponse("Missing X-HUB-RDV-AUTH-TOKEN header", status=401, safe=False)
|
||||
auth_token = Config.get(Config.REQUEST_FROM_ANTS_AUTH_TOKEN)
|
||||
if AUTH_TOKEN_TIME and time.time() - AUTH_TOKEN_TIME < 60 and 'pytest' not in sys.modules:
|
||||
auth_token = AUTH_TOKEN
|
||||
else:
|
||||
auth_token = Config.get(Config.REQUEST_FROM_ANTS_AUTH_TOKEN)
|
||||
AUTH_TOKEN_TIME, AUTH_TOKEN = time.time(), auth_token
|
||||
if not auth_token:
|
||||
logger.error('authentication failed, REQUEST_FROM_ANTS_AUTH_TOKEN is not configured')
|
||||
return JsonResponse("X-HUB-RDV-AUTH-TOKEN not configured", status=401, safe=False)
|
||||
|
|
Loading…
Reference in New Issue