Beispiel #1
0
func authorizeByAPIToken(req *wcg.Request) {
	tokenString := req.Header(request.APITokenHeader)
	if !lib.IsOnGAE() && !lib.IsProduction() && tokenString == string(request.APITestUser.Token) {
		req.User = request.APITestUser
		return
	}
	if !wcg.IsUUID(tokenString) {
		// Do not access APIToken entity if it's not a valid UUID.
		return
	}

	_, ent, err := entities.APIToken.Get().Key(tokenString).Cache(true).One(req)
	if err == nil {
		req.User = &request.APITokenUser{ent.(*models.APIToken)}
		return
	}
}