aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/tools/request.py
diff options
context:
space:
mode:
Diffstat (limited to 'mediagoblin/tools/request.py')
-rw-r--r--mediagoblin/tools/request.py30
1 files changed, 24 insertions, 6 deletions
diff --git a/mediagoblin/tools/request.py b/mediagoblin/tools/request.py
index d4739039..7e1973d3 100644
--- a/mediagoblin/tools/request.py
+++ b/mediagoblin/tools/request.py
@@ -16,7 +16,12 @@
import json
import logging
-from mediagoblin.db.models import User
+
+import six
+from werkzeug.http import parse_options_header
+
+from mediagoblin.db.models import User, AccessToken
+from mediagoblin.oauth.tools.request import decode_authorization_header
_log = logging.getLogger(__name__)
@@ -31,6 +36,18 @@ def setup_user_in_request(request):
Examine a request and tack on a request.user parameter if that's
appropriate.
"""
+ # If API request the user will be associated with the access token
+ authorization = decode_authorization_header(request.headers)
+
+ if authorization.get(u"access_token"):
+ # Check authorization header.
+ token = authorization[u"oauth_token"]
+ token = AccessToken.query.filter_by(token=token).first()
+ if token is not None:
+ request.user = token.user
+ return
+
+
if 'user_id' not in request.session:
request.user = None
return
@@ -45,11 +62,12 @@ def setup_user_in_request(request):
def decode_request(request):
""" Decodes a request based on MIME-Type """
- data = request.get_data()
-
- if request.content_type == json_encoded:
- data = json.loads(data)
- elif request.content_type == form_encoded or request.content_type == "":
+ data = request.data
+ content_type, _ = parse_options_header(request.content_type)
+
+ if content_type == json_encoded:
+ data = json.loads(six.text_type(data, "utf-8"))
+ elif content_type == form_encoded or content_type == "":
data = request.form
else:
data = ""