MCPcopy Index your code
hub / github.com/OWASP/Python-Honeypot / authorization_check

Function authorization_check

api/server.py:199–217  ·  view source on GitHub ↗

check if IP filtering applied and API address is in whitelist also API Key is valid Returns: None or Abort(403) or Abort(401)

()

Source from the content-addressed store, hash-verified

197
198@app.before_request
199def authorization_check():
200 """
201 check if IP filtering applied and API address is in whitelist also
202 API Key is valid
203
204 Returns:
205 None or Abort(403) or Abort(401)
206 """
207 # IP Limitation
208 white_list_enabled = app.config["OWASP_HONEYPOT_CONFIG"]["api_client_white_list"]
209 white_list_ips = app.config["OWASP_HONEYPOT_CONFIG"]["api_client_white_list_ips"]
210 api_access_without_key = app.config["OWASP_HONEYPOT_CONFIG"]["api_access_without_key"]
211
212 if white_list_enabled:
213 if flask_request.remote_addr not in white_list_ips:
214 abort(403, "unauthorized IP")
215 if not api_access_without_key:
216 is_authorized()
217 return
218
219
220@app.route("/", methods=["GET", "POST"])

Callers

nothing calls this directly

Calls 1

is_authorizedFunction · 0.85

Tested by

no test coverage detected