2019-09-30 14:19:00 +01:00
|
|
|
import functools
|
|
|
|
import logging
|
|
|
|
|
|
|
|
from flask import session, request, jsonify
|
|
|
|
|
2019-10-19 17:14:11 +01:00
|
|
|
from music.db import database as database
|
2019-09-30 14:19:00 +01:00
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
|
|
|
def is_logged_in():
|
|
|
|
if 'username' in session:
|
|
|
|
return True
|
|
|
|
else:
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
def is_basic_authed():
|
|
|
|
if request.authorization:
|
|
|
|
if request.authorization.get('username', None) and request.authorization.get('password', None):
|
2019-10-23 14:44:17 +01:00
|
|
|
if database.get_user(request.authorization.username).check_password(request.authorization.password):
|
2019-09-30 14:19:00 +01:00
|
|
|
return True
|
|
|
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
def login_required(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def login_required_wrapper(*args, **kwargs):
|
|
|
|
if is_logged_in():
|
|
|
|
return func(username=session['username'], *args, **kwargs)
|
|
|
|
else:
|
|
|
|
logger.warning('user not logged in')
|
|
|
|
return jsonify({'error': 'not logged in'}), 401
|
|
|
|
return login_required_wrapper
|
|
|
|
|
|
|
|
|
|
|
|
def login_or_basic_auth(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def login_or_basic_auth_wrapper(*args, **kwargs):
|
|
|
|
if is_logged_in():
|
|
|
|
return func(username=session['username'], *args, **kwargs)
|
|
|
|
elif is_basic_authed():
|
|
|
|
return func(username=request.authorization.username, *args, **kwargs)
|
|
|
|
else:
|
|
|
|
logger.warning('user not logged in')
|
|
|
|
return jsonify({'error': 'not logged in'}), 401
|
|
|
|
|
|
|
|
return login_or_basic_auth_wrapper
|
|
|
|
|
|
|
|
|
|
|
|
def admin_required(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def admin_required_wrapper(*args, **kwargs):
|
2019-10-23 14:44:17 +01:00
|
|
|
db_user = database.get_user(kwargs.get('username'))
|
2019-09-30 14:19:00 +01:00
|
|
|
|
2019-10-23 14:44:17 +01:00
|
|
|
if db_user is not None:
|
|
|
|
if db_user.user_type == db_user.Type.admin:
|
2019-09-30 14:19:00 +01:00
|
|
|
return func(*args, **kwargs)
|
|
|
|
else:
|
2019-10-23 14:44:17 +01:00
|
|
|
logger.warning(f'{db_user.username} not authorized')
|
2019-09-30 14:19:00 +01:00
|
|
|
return jsonify({'status': 'error', 'message': 'unauthorized'}), 401
|
|
|
|
else:
|
|
|
|
logger.warning('user not logged in')
|
|
|
|
return jsonify({'error': 'not logged in'}), 401
|
|
|
|
|
|
|
|
return admin_required_wrapper
|
|
|
|
|
|
|
|
|
|
|
|
def spotify_link_required(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def spotify_link_required_wrapper(*args, **kwargs):
|
2019-10-23 14:44:17 +01:00
|
|
|
db_user = database.get_user(kwargs.get('username'))
|
2019-09-30 14:19:00 +01:00
|
|
|
|
2019-10-23 14:44:17 +01:00
|
|
|
if db_user is not None:
|
|
|
|
if db_user.spotify_linked:
|
2019-09-30 14:19:00 +01:00
|
|
|
return func(*args, **kwargs)
|
|
|
|
else:
|
2019-10-23 14:44:17 +01:00
|
|
|
logger.warning(f'{db_user.username} spotify not linked')
|
2019-09-30 14:19:00 +01:00
|
|
|
return jsonify({'status': 'error', 'message': 'spotify not linked'}), 401
|
|
|
|
else:
|
|
|
|
logger.warning('user not logged in')
|
|
|
|
return jsonify({'error': 'not logged in'}), 401
|
|
|
|
|
|
|
|
return spotify_link_required_wrapper
|
|
|
|
|
|
|
|
|
2019-10-07 12:21:26 +01:00
|
|
|
def lastfm_username_required(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def lastfm_username_required_wrapper(*args, **kwargs):
|
2019-10-23 14:44:17 +01:00
|
|
|
db_user = database.get_user(kwargs.get('username'))
|
2019-10-07 12:21:26 +01:00
|
|
|
|
2019-10-23 14:44:17 +01:00
|
|
|
if db_user is not None:
|
|
|
|
if db_user.lastfm_username and len(db_user.lastfm_username) > 0:
|
2019-10-07 12:21:26 +01:00
|
|
|
return func(*args, **kwargs)
|
|
|
|
else:
|
2019-10-23 14:44:17 +01:00
|
|
|
logger.warning(f'no last.fm username for {db_user.username}')
|
2019-10-07 12:21:26 +01:00
|
|
|
return jsonify({'status': 'error', 'message': 'no last.fm username'}), 401
|
|
|
|
else:
|
|
|
|
logger.warning('user not logged in')
|
|
|
|
return jsonify({'error': 'not logged in'}), 401
|
|
|
|
|
|
|
|
return lastfm_username_required_wrapper
|
|
|
|
|
|
|
|
|
2019-09-30 14:19:00 +01:00
|
|
|
def gae_cron(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def gae_cron_wrapper(*args, **kwargs):
|
|
|
|
|
|
|
|
if request.headers.get('X-Appengine-Cron', None):
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
else:
|
|
|
|
logger.warning('user not logged in')
|
|
|
|
return jsonify({'status': 'error', 'message': 'unauthorised'}), 401
|
|
|
|
|
|
|
|
return gae_cron_wrapper
|
|
|
|
|
|
|
|
|
|
|
|
def cloud_task(func):
|
|
|
|
@functools.wraps(func)
|
|
|
|
def cloud_task_wrapper(*args, **kwargs):
|
|
|
|
|
|
|
|
if request.headers.get('X-AppEngine-QueueName', None):
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
else:
|
|
|
|
logger.warning('non tasks request')
|
|
|
|
return jsonify({'status': 'error', 'message': 'unauthorised'}), 401
|
|
|
|
|
|
|
|
return cloud_task_wrapper
|