aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/tools/request.py
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/tools/request.py')
-rw-r--r--mediagoblin/tools/request.py20
1 files changed, 17 insertions, 3 deletions
diff --git a/mediagoblin/tools/request.py b/mediagoblin/tools/request.py
index d4739039..d2cb0f6a 100644
--- a/mediagoblin/tools/request.py
+++ b/mediagoblin/tools/request.py
@@ -16,7 +16,9 @@
import json
import logging
-from mediagoblin.db.models import User
+
+from mediagoblin.db.models import User, AccessToken
+from mediagoblin.oauth.tools.request import decode_authorization_header
_log = logging.getLogger(__name__)
@@ -31,6 +33,18 @@ def setup_user_in_request(request):
Examine a request and tack on a request.user parameter if that's
appropriate.
"""
+ # If API request the user will be associated with the access token
+ authorization = decode_authorization_header(request.headers)
+
+ if authorization.get(u"access_token"):
+ # Check authorization header.
+ token = authorization[u"oauth_token"]
+ token = AccessToken.query.filter_by(token=token).first()
+ if token is not None:
+ request.user = token.user
+ return
+
+
if 'user_id' not in request.session:
request.user = None
return
@@ -45,8 +59,8 @@ def setup_user_in_request(request):
def decode_request(request):
""" Decodes a request based on MIME-Type """
- data = request.get_data()
-
+ data = request.data
+
if request.content_type == json_encoded:
data = json.loads(data)
elif request.content_type == form_encoded or request.content_type == "":
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-08 04:27:37 +0000