Mailu/core/admin/mailu/api/common.py

from .. import models, utils
from . import v1
from flask import request
import flask
from functools import wraps
from flask_restx import abort

def fqdn_in_use(*names):
    for name in names:
        for model in models.Domain, models.Alternative, models.Relay:
            if model.query.get(name):
                return model
    return None

""" Decorator for validating api token for authentication """
def api_token_authorization(func):
    @wraps(func)
    def decorated_function(*args, **kwds):
        client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr)
        if utils.limiter.should_rate_limit_ip(client_ip):
            abort(429, 'Too many attempts from your IP (rate-limit)' )
        if request.args.get('api_token') != v1.api_token:
            utils.limiter.rate_limit_ip(client_ip)
            flask.current_app.logger.warn(f'Invalid API token provided by {client_ip}.')
            abort(401, 'A valid API token is expected as query string parameter')
        else:
            flask.current_app.logger.info(f'Valid API token provided by {client_ip}.')
        return func(*args, **kwds)
    return decorated_function
Introduction of the Mailu RESTful API. Anything that can be configured in the web administration interface, can also be configured via the Mailu RESTful API. See the section Advanced configuration in the configuration reference for the relevant settings in mailu.env for enabling the API. (API, WEB_API, API_TOKEN). 2022-09-25 10:18:09 +02:00			`from .. import models, utils`
			`from . import v1`
			`from flask import request`
			`import flask`
			`from functools import wraps`
			`from flask_restx import abort`
first try at api using flask-restx & marshmallow 2021-01-06 18:05:21 +02:00
			`def fqdn_in_use(*names):`
			`for name in names:`
			`for model in models.Domain, models.Alternative, models.Relay:`
			`if model.query.get(name):`
			`return model`
			`return None`
Introduction of the Mailu RESTful API. Anything that can be configured in the web administration interface, can also be configured via the Mailu RESTful API. See the section Advanced configuration in the configuration reference for the relevant settings in mailu.env for enabling the API. (API, WEB_API, API_TOKEN). 2022-09-25 10:18:09 +02:00
			`""" Decorator for validating api token for authentication """`
			`def api_token_authorization(func):`
			`@wraps(func)`
			`def decorated_function(args, *kwds):`
			`client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr)`
			`if utils.limiter.should_rate_limit_ip(client_ip):`
			`abort(429, 'Too many attempts from your IP (rate-limit)' )`
			`if request.args.get('api_token') != v1.api_token:`
			`utils.limiter.rate_limit_ip(client_ip)`
			`flask.current_app.logger.warn(f'Invalid API token provided by {client_ip}.')`
			`abort(401, 'A valid API token is expected as query string parameter')`
			`else:`
			`flask.current_app.logger.info(f'Valid API token provided by {client_ip}.')`
			`return func(args, *kwds)`
			`return decorated_function`