def prepare self if self request method OPTIONS return Auth by header

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
def prepare(self):
if self.request.method == 'OPTIONS':
return
# Auth by header key
api_key = self.request.headers.get('X-Api-Key')
if api_key is not None:
try:
self._app = self.settings['config']['users'][api_key]['name']
return
except MissingArgumentError:
pass
params = self.request.arguments
app = self.get_argument('app')
self._app = app
crc = self.get_argument('checksum')
if app not in self.settings['config']['keys']:
raise HTTPError(403)
app_key = self.settings['config']['keys'][app]
del params['checksum']
values = [params[key][0] for key in sorted(params.keys())]
values.append(app_key)
values = ''.join(values)
hasher = hashlib.md5(values)
if crc != hasher.hexdigest():
raise HTTPError(403)