feat: Add auth-token for batch operations #356
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
app/utils/check_utils.py
Outdated
Comment on lines
115
to
117
| except AuthorizationError: | ||
| auth_error(request, issuer_address, "issuer does not exist") | ||
| raise AuthorizationError("issuer does not exist, or password mismatch") |
There was a problem hiding this comment.
I think it would be better to use raise Exception from None or raise Exception from e when re-raise Exception
because this may generate log like following.
The above exception was the direct cause of the following exception:
Alternatively, it may be better to leave error raising to each function.
(Might add more arguments for log output needed in case of authentication failure)
Comment on lines
+418
to
+425
| if auth_token is not None: | ||
| # If a valid auth token already exists, return an error. | ||
| if auth_token.valid_duration == 0: | ||
| raise AuthTokenAlreadyExistsError() | ||
| else: | ||
| expiration_datetime = auth_token.usage_start + timedelta(seconds=auth_token.valid_duration) | ||
| if datetime.utcnow() <= expiration_datetime: | ||
| raise AuthTokenAlreadyExistsError() |
There was a problem hiding this comment.
| AuthToken Status | => | Action |
|---|---|---|
| Not exist | => | Create |
| Exist and not expired | => | Error |
| Exist and expired | => | Renew |
LGTM
purplesmoke05
approved these changes
Jul 19, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Close
close #354
Changes
New Table
auth_tokenNew API
POST: /accounts/{issuer_address}/auth_tokenDELETE: /accounts/{issuer_address}/auth_tokenBehavior Changed API
Authorization using auth-token is available for the following APIs, in addition to authorization using eoa-password.
POST: /bond/tokensPOST: /bond/tokens/{token_address}POST: /bond/tokens/{token_address}/additional_issuePOST: /bond/tokens/{token_address}/redeemPOST: /bond/tokens/{token_address}/personal_infoPOST: /bond/tokens/{token_address}/personal_info/batchPOST: /bond/tokens/{token_address}/holders/{account_address}/personal_infoPOST: /bond/transfersPOST: /bond/bulk_transferPOST: /bond/transfer_approvals/{token_address}/{id}POST: /share/tokensPOST: /share/tokens/{token_address}POST: /share/tokens/{token_address}/additional_issuePOST: /share/tokens/{token_address}/redeemPOST: /share/tokens/{token_address}/personal_infoPOST: /share/tokens/{token_address}/personal_info/batchPOST: /share/tokens/{token_address}/holders/{account_address}/personal_infoPOST: /share/transfersPOST: /share/bulk_transferPOST: /share/transfer_approvals/{token_address}/{id}