Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use request variable decorator in @authenticated_api_view 

(imported from commit ec46ec307cfb34275ebc33e429663172d3f2d169)
This commit is contained in:
Zev Benjamin 2012-11-14 13:45:13 -05:00
parent 012840108f
commit 720d04a98b
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
zephyr/decorator.py
View File

@ -61,14 +61,14 @@ def update_user_activity(request, user_profile, client):
def authenticated_api_view(view_func):
@csrf_exempt
@require_post
@has_request_variables
@wraps(view_func)
def _wrapped_view_func(request, *args, **kwargs):
email = request.POST.get("email")
def _wrapped_view_func(request, email=POST, api_key=POST('api-key'),
*args, **kwargs):
try:
user_profile = UserProfile.objects.get(user__email=email)
except UserProfile.DoesNotExist:
return json_error("Invalid user: %s" % (email,))
api_key = request.POST.get("api-key")
if api_key != user_profile.api_key:
return json_error("Invalid API key for user '%s'" % (email,))
update_user_activity(request, user_profile,