diff --git a/app.py b/app.py index cd31e35..691e2d4 100644 --- a/app.py +++ b/app.py @@ -18,6 +18,26 @@ from gitmgr import GitManagerConfiguration, GitManager startup_timestamp = datetime.now() +class AuthenticatedHandler(tornado.web.RequestHandler, metaclass=ABCMeta): + # noinspection PyAttributeOutsideInit + def initialize(self, auth_provider=None): + self.auth_provider = auth_provider + + def prepare(self): + if self.auth_provider is None: + return + + # check authentication + auth_hdr = "Authentication" + if auth_hdr not in self.request.headers: + raise tornado.web.HTTPError(401, reason="authentication not provided") + + tk = self.request.headers[auth_hdr] + + if not self.auth_provider.validate_token(tk): + raise tornado.web.HTTPError(403, reason="invalid authentication token provided") + + class HealthHandler(tornado.web.RequestHandler, metaclass=ABCMeta): # noinspection PyAttributeOutsideInit def initialize(self, sources=None): @@ -77,12 +97,38 @@ class Oas3Handler(tornado.web.RequestHandler, metaclass=ABCMeta): self.finish() +class AllEntitiesHandler(AuthenticatedHandler, metaclass=ABCMeta): + # noinspection PyAttributeOutsideInit + def initialize(self, auth_provider=None): + super().initialize(auth_provider) + + def post(self): + pass + + def get(self): + pass + + +class SingleEntityHandler(AuthenticatedHandler, metaclass=ABCMeta): + # noinspection PyAttributeOutsideInit + def initialize(self, auth_provider=None): + super().initialize(auth_provider) + + def post(self, identifier): + pass + + def get(self, identifier): + pass + + def make_app(_auth_provider=None, gitmgr=None): version_path = r"/v[0-9]" return tornado.web.Application([ (version_path + r"/health", HealthHandler, {"sources": [lambda: {"git-head": gitmgr.head_sha}] if gitmgr else None}), (version_path + r"/oas3", Oas3Handler), + (version_path + r"/entities", AllEntitiesHandler, {"auth_provider": _auth_provider}), + (version_path + r"/entity/{.*}", SingleEntityHandler, {"auth_provider": _auth_provider}), ])