func getAPITokenHeader(req *wcg.Request) string {
token := req.Header(request.APITokenHeader)
if wcg.IsUUID(token) {
return token
}
return ""
}
func canSkipSessionMiddleware(req *wcg.Request) bool {
return req.Header(request.APITokenHeader) != "" ||
request.IsStatic(req) ||
request.IsHook(req) ||
request.IsCron(req) ||
request.IsTask(req)
}
func debugger(res *wcg.Response, req *wcg.Request) {
if !gates.CanPass(req, "debugger") {
return
}
if req.Header("x-ajax-request") == "true" {
// TODO: implement debugger here
}
}
// NewTaskUser creatse a *APITokenUser for the task
func NewTaskUser(req *wcg.Request) *APITokenUser {
return &APITokenUser{
&models.APIToken{
Token: "x-appengine-taskqueue",
Description: fmt.Sprintf(
"TaskName=%q, QueueName=%q",
req.Header("X-AppEngine-TaskName"),
req.Header("X-AppEngine-QueueName"),
),
CreatedAt: time.Now(),
AlertOn: time.Duration(0),
LastAccess: time.Now(),
},
}
}
func authorizeByAPIToken(req *wcg.Request) {
tokenString := req.Header(request.APITokenHeader)
if !lib.IsOnGAE() && !lib.IsProduction() && tokenString == string(request.APITestUser.Token) {
req.User = request.APITestUser
return
}
if !wcg.IsUUID(tokenString) {
// Do not access APIToken entity if it's not a valid UUID.
return
}
_, ent, err := entities.APIToken.Get().Key(tokenString).Cache(true).One(req)
if err == nil {
req.User = &request.APITokenUser{ent.(*models.APIToken)}
return
}
}
// IsTaskRequest returns true if the request is comming from TaskQueue.
func IsTask(req *wcg.Request) bool {
return req.Header(TaskQueueHeader) != ""
}
// IsCronRequest returns true if the request is comming from cron.
func IsCron(req *wcg.Request) bool {
return strings.HasPrefix(req.URL().Path, CronPathPrefix) && req.Header(CronHeader) != ""
}