Montage des routes uniquement si les variables DOMAINDICt et SECREt sont présentes

2021-04-27 08:26:48 +02:00 · 2021-04-27 08:26:48 +02:00 · 933f456c86
parent 5276833afe
commit 933f456c86
2 changed files with 25 additions and 12 deletions
--- a/halfapi/app.py
+++ b/halfapi/app.py
@ -42,31 +42,29 @@ routes = [ Route('/', get_api_routes) ]


 routes += [
-    Route('/halfapi/current_user', lambda request, *args, **kwargs:
-        ORJSONResponse({'user':request.user.json})
-        if not isinstance(request.user, UnauthenticatedUser)
-        else ORJSONResponse({'user': None})),
    Route('/halfapi/schema', schema_json),
    Route('/halfapi/acls', get_acls)
 ]

+routes += Route('/halfapi/current_user', lambda request, *args, **kwargs:
+    ORJSONResponse({'user':request.user.json})
+    if SECRET and not isinstance(request.user, UnauthenticatedUser)
+    else ORJSONResponse({'user': None})),
+
+
 if not PRODUCTION:
    for route in debug_routes():
        routes.append( route )


-for route in gen_starlette_routes(DOMAINSDICT()):
-    routes.append(route)
+if DOMAINSDICT:
+    for route in gen_starlette_routes(DOMAINSDICT()):
+        routes.append(route)


 application = Starlette(
    debug=not PRODUCTION,
    routes=routes,
-    middleware=[
-        Middleware(DomainMiddleware, config=config),
-        Middleware(AuthenticationMiddleware,
-            backend=JWTAuthenticationBackend(secret_key=SECRET))
-    ],
    exception_handlers={
        401: UnauthorizedResponse,
        404: NotFoundResponse,
@ -75,6 +73,18 @@ application = Starlette(
    }
 )

+if DOMAINSDICT:
+    application.add_middleware(
+        DomainMiddleware,
+        config=config
+    )
+
+if SECRET:
+    application.add_middleware(
+        AuthenticationMiddleware,
+        backend=JWTAuthenticationBackend(secret_key=SECRET)
+    )
+
 if not PRODUCTION:
    application.add_middleware(
        TimingMiddleware,
--- a/tests/test_debug_routes.py
+++ b/tests/test_debug_routes.py
@ -12,7 +12,10 @@ def test_get_api_routes():
    assert isinstance(d_r, dict)


-def test_current_user():
+def test_current_user(project_runner):
+    """
+    Missing HALFAPI_SECRET to give current user route
+    """
    c = TestClient(application)
    r = c.get('/halfapi/current_user')
    assert r.status_code == 200