DemocracyClub / aggregator-api / 93f28176-d12b-44aa-8582-a03ba3be77a2

coverage: 77.419% (-0.8%) from 78.236%
93f28176-d12b-44aa-8582-a03ba3be77a2

push

circleci

web-flow 
Merge pull request #441 from DemocracyClub/self-serve-api-keys

Self-serve API keys

315 of 422 new or added lines in 17 files covered. (74.64%)

1 existing line in 1 file now uncovered.

864 of 1116 relevant lines covered (77.42%)

0.77 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.12
/api/api_auth/handler.py
1 
import os
1
2 
import sys
1
3 










4



sys.path.append("api")




1





5













6



from common.auth_models import User, UserDoesNotExist  # noqa




1






7



from common.sentry_helper import init_sentry  # noqa




1





8












9



init_sentry()




1





10













11



USE_DYNAMODB_AUTH = os.environ.get("USE_DYNAMODB_AUTH", False)




1





12












13












14



def dynamodb_auth(api_key: str, region_name="eu-west-2"):




1





15



    ret = {




1





16



        "authenticated": False,










17



        "error": None,










18



        "warnings": [],










19



        "data": {},










20



    }










21



    try:




1





22



        user = User.from_dynamodb(api_key)




1





23



    except UserDoesNotExist:




1





24



        ret["error"] = "API key not found"




1





25



        return ret




1





26



    ret.update({"data": user.as_dict()})




1





27



    if user.is_active:




1





28



        ret["authenticated"] = True




1





29



    else:










30



        ret["error"] = "API key not active"




1





31



    if user.rate_limit_warn:




1





32



        ret["warnings"].append("Rate limit exceeded")




1





33












34



    return ret




1





35












36












37



def lambda_handler(event, context):




1





38



    if "auth_token" not in event["queryStringParameters"]:




1





39



        raise Exception("Unauthorized")




1





40



    api_key = event["queryStringParameters"].get("auth_token", None)




1





41













42



    if not api_key:




1






43



        print("No API key provided")




1






44



        raise Exception("Unauthorized")




1





45













46



    if USE_DYNAMODB_AUTH:




1






47



        authentication = dynamodb_auth(api_key)




1






48



        if not authentication["authenticated"]:




1






49



            raise Exception("Unauthorized")




1





50



    else:











NEW


51



        authentication = {




×







52



            "data": {"user_id": api_key},










53



            "authenticated": True,










54



            "error": None,










55



            "warnings": [],










56



        }










57












58



    return {




×







59



        "principalId": authentication["data"]["user_id"],










60



        "policyDocument": {










61



            "Version": "2012-10-17",










62



            "Statement": [










63



                {










64



                    "Action": "execute-api:Invoke",










65



                    "Effect": "Allow",










66



                    "Resource": "*",










67



                }










68



            ],










69



        },










70



        "context": authentication["data"],










71



    }
























    

  • 

    •