Use decorators for apikey

readme.txt

@@ -8,7 +8,7 @@ git clone ...
 
 pip3 install --user pipenv
 
-cd motus_remote3
+cd motus_remote
 pipenv install --dev  # or without --dev if prod
 cp /usr/bin/zipinfo test-file
 pipenv shell

web/app.py

@@ -4,11 +4,23 @@ import rq
 from rq.job import Job
 import tasks
 from flask import Flask, request, jsonify
+from functools import wraps
 
 app = Flask(__name__)
 queue = rq.Queue("motus", connection=Redis.from_url("redis://"))
 redis = Redis()
 
+# APIKEY Decororator
+def apikey(f):
+    @wraps(f)
+    def check_apikey(*args, **kwargs):
+        if request.headers.get("X-Api-Key") == "fbdhjsbf43443refdsafa":
+            return f(*args, **kwargs)
+        else:
+            return jsonify({"message": "ERROR: Unauthorized"}), 401
+
+    return check_apikey
+
 
 @app.route("/")
 @app.route("/index")
@@ -17,12 +29,8 @@ def index():
 
 
 @app.route("/check")
+@apikey
 def check():
-    headers = request.headers
-    auth = headers.get("X-Api-Key")
-    if auth != "fbdhjsbf43443refdsafa":
-        return jsonify({"message": "ERROR: Unauthorized"}), 401
-
     algorithm = request.args.get("type", default="sha256", type=str)
     filename = request.args.get("filename", default="", type=str)
     hashval = request.args.get("hash", default="", type=str)
@@ -41,13 +49,14 @@ def check():
         return jsonify({"message": "ERROR: Unable to Access File"}), 400
 
     job = queue.enqueue(tasks.check_hash, algorithm, filename, hashval)
-    job.meta["status"] = "Processing: 0%".format(filesize)
+    job.meta["status"] = "Processing: 0%"
     job.save_meta()
 
     return jsonify({"message": "OK: Job Submitted", "jobid": job.get_id()}), 200
 
 
 @app.route("/status")
+@apikey
 def status():
     headers = request.headers
     auth = headers.get("X-Api-Key")