func authorizeByAPIToken(req *wcg.Request) {
tokenString := req.Header(request.APITokenHeader)
if !lib.IsOnGAE() && !lib.IsProduction() && tokenString == string(request.APITestUser.Token) {
req.User = request.APITestUser
return
}
if !wcg.IsUUID(tokenString) {
// Do not access APIToken entity if it's not a valid UUID.
return
}
_, ent, err := entities.APIToken.Get().Key(tokenString).Cache(true).One(req)
if err == nil {
req.User = &request.APITokenUser{ent.(*models.APIToken)}
return
}
}