| 1 | # GNU MediaGoblin -- federated, autonomous media hosting |
| 2 | # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. |
| 3 | # |
| 4 | # This program is free software: you can redistribute it and/or modify |
| 5 | # it under the terms of the GNU Affero General Public License as published by |
| 6 | # the Free Software Foundation, either version 3 of the License, or |
| 7 | # (at your option) any later version. |
| 8 | # |
| 9 | # This program is distributed in the hope that it will be useful, |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | # GNU Affero General Public License for more details. |
| 13 | # |
| 14 | # You should have received a copy of the GNU Affero General Public License |
| 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 16 | |
| 17 | from functools import wraps |
| 18 | |
| 19 | from mediagoblin.plugins.oauth.models import OAuthClient |
| 20 | from mediagoblin.plugins.api.tools import json_response |
| 21 | |
| 22 | |
| 23 | def require_client_auth(controller): |
| 24 | @wraps(controller) |
| 25 | def wrapper(request, *args, **kw): |
| 26 | if not request.GET.get('client_id'): |
| 27 | return json_response({ |
| 28 | 'status': 400, |
| 29 | 'errors': [u'No client identifier in URL']}, |
| 30 | _disable_cors=True) |
| 31 | |
| 32 | client = OAuthClient.query.filter( |
| 33 | OAuthClient.identifier == request.GET.get('client_id')).first() |
| 34 | |
| 35 | if not client: |
| 36 | return json_response({ |
| 37 | 'status': 400, |
| 38 | 'errors': [u'No such client identifier']}, |
| 39 | _disable_cors=True) |
| 40 | |
| 41 | return controller(request, client) |
| 42 | |
| 43 | return wrapper |