(*args, **kwargs)
| 68 | rule = self.path + rule |
| 69 | |
| 70 | async def handler_error(*args, **kwargs): |
| 71 | if auth_type == AuthType.USER_TOKEN: |
| 72 | # get token from Authorization header |
| 73 | token = quart.request.headers.get('Authorization', '').replace('Bearer ', '') |
| 74 | |
| 75 | if not token: |
| 76 | return self.http_status(401, -1, 'No valid user token provided') |
| 77 | |
| 78 | try: |
| 79 | user_email = await self.ap.user_service.verify_jwt_token(token) |
| 80 | |
| 81 | # check if this account exists |
| 82 | user = await self.ap.user_service.get_user_by_email(user_email) |
| 83 | if not user: |
| 84 | return self.http_status(401, -1, 'User not found') |
| 85 | |
| 86 | # check if f accepts user_email parameter |
| 87 | if 'user_email' in f.__code__.co_varnames: |
| 88 | kwargs['user_email'] = user_email |
| 89 | except Exception as e: |
| 90 | return self.http_status(401, -1, str(e)) |
| 91 | |
| 92 | elif auth_type == AuthType.API_KEY: |
| 93 | # get API key from Authorization header or X-API-Key header |
| 94 | api_key = quart.request.headers.get('X-API-Key', '') |
| 95 | if not api_key: |
| 96 | auth_header = quart.request.headers.get('Authorization', '') |
| 97 | if auth_header.startswith('Bearer '): |
| 98 | api_key = auth_header.replace('Bearer ', '') |
| 99 | |
| 100 | if not api_key: |
| 101 | return self.http_status(401, -1, 'No valid API key provided') |
| 102 | |
| 103 | try: |
| 104 | is_valid = await self.ap.apikey_service.verify_api_key(api_key) |
| 105 | if not is_valid: |
| 106 | return self.http_status(401, -1, 'Invalid API key') |
| 107 | except Exception as e: |
| 108 | return self.http_status(401, -1, str(e)) |
| 109 | |
| 110 | elif auth_type == AuthType.USER_TOKEN_OR_API_KEY: |
| 111 | # Try API key first (check X-API-Key header) |
| 112 | api_key = quart.request.headers.get('X-API-Key', '') |
| 113 | |
| 114 | if api_key: |
| 115 | # API key authentication |
| 116 | try: |
| 117 | is_valid = await self.ap.apikey_service.verify_api_key(api_key) |
| 118 | if not is_valid: |
| 119 | return self.http_status(401, -1, 'Invalid API key') |
| 120 | except Exception as e: |
| 121 | return self.http_status(401, -1, str(e)) |
| 122 | else: |
| 123 | # Try user token authentication (Authorization header) |
| 124 | token = quart.request.headers.get('Authorization', '').replace('Bearer ', '') |
| 125 | |
| 126 | if not token: |
| 127 | return self.http_status( |
nothing calls this directly
no test coverage detected