API : add token support.

New setup requirement (python-keystoneclient).
New config options (api_acl and api_acl_auth_url.
This commit is contained in:
François Rossigneux 2012-11-22 15:28:43 +01:00
parent 53d14a439b
commit b66a2c535b
6 changed files with 35 additions and 5 deletions

View File

@ -14,5 +14,5 @@ if __name__ == '__main__':
log.setup(config.CONF['api_log'], logging.WARNING, logging.DEBUG)
root = app.make_app(enable_acl=False)
root = app.make_app(enable_acl=config.CONF['acl_enabled'])
root.run(host='0.0.0.0', port=config.CONF['api_port'])

View File

@ -1,5 +1,9 @@
# Kwapi config file
# ACL
acl_enabled = true
acl_auth_url = http://10.0.0.2:5000/v2.0
# Communication
api_port = 5000
collector_socket = /tmp/kwapi-collector

24
kwapi/api/acl.py Normal file
View File

@ -0,0 +1,24 @@
# -*- coding: utf-8 -*-
"""Set up the ACL to access the API."""
import flask
from keystoneclient.v2_0.client import Client
from kwapi import config
def install(app):
"""Installs ACL check on application."""
app.before_request(check)
return app
def check():
"""Checks application access."""
headers = flask.request.headers
try:
client = Client(token=headers.get('X-Auth-Token'), auth_url=config.CONF['acl_auth_url'])
except:
return "Access denied", 401
else:
if not client.authenticate():
return "Access denied", 401

View File

@ -10,9 +10,9 @@ import flask.helpers
from kwapi import config
from collector import Collector
import v1
#import acl
import acl
def make_app(enable_acl=True):
def make_app(enable_acl):
"""Instantiates Flask app, attaches collector database, installs acl."""
logging.info('Starting API')
app = flask.Flask('kwapi.api')
@ -27,6 +27,6 @@ def make_app(enable_acl=True):
# Install the middleware wrapper
if enable_acl:
return acl.install(app, cfg.CONF)
return acl.install(app)
return app

View File

@ -52,6 +52,8 @@ def get_config(config_file):
# Config file format specifications
cfg = """
acl_enabled = boolean
acl_auth_url = string
api_log = string
api_port = integer
collector_socket = string

View File

@ -36,6 +36,6 @@ setup(
data_files=[('/etc/kwapi', ['etc/kwapi/kwapi.conf'])],
install_requires=['flask', 'configobj', 'pyserial', 'requests']
install_requires=['configobj', 'flask', 'pyserial', 'python-keystoneclient', 'requests']
)