summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/leap/soledad/server.py27
1 files changed, 9 insertions, 18 deletions
diff --git a/src/leap/soledad/server.py b/src/leap/soledad/server.py
index 7aa253a3..331f64aa 100644
--- a/src/leap/soledad/server.py
+++ b/src/leap/soledad/server.py
@@ -171,21 +171,6 @@ class SoledadAuthMiddleware(object):
return False
return True
- def need_auth(self, environ):
- """
- Check if action can be performed on database without authentication.
-
- For now, just allow access to /shared/*.
-
- @param environ: Dictionary containing CGI variables.
- @type environ: dict
-
- @return: Whether the requests needs authentication.
- @rtype: bool
- """
- # TODO: design unauth verification.
- return not environ.get(self.PATH_INFO_KEY).startswith('/shared/')
-
#-----------------------------------------------------------------------------
# Soledad WSGI application
@@ -196,6 +181,11 @@ class SoledadApp(http_app.HTTPApp):
Soledad WSGI application
"""
+ SHARED_DB_NAME = 'shared'
+ """
+ The name of the shared database that holds user's encrypted secrets.
+ """
+
def __call__(self, environ, start_response):
"""
Handle a WSGI call to the Soledad application.
@@ -209,6 +199,8 @@ class SoledadApp(http_app.HTTPApp):
@return: HTTP application results.
@rtype: list
"""
+ # ensure the shared database exists
+ self.state.ensure_database(self.SHARED_DB_NAME)
return http_app.HTTPApp.__call__(self, environ, start_response)
@@ -244,11 +236,10 @@ def load_configuration(file_path):
# Run as Twisted WSGI Resource
#-----------------------------------------------------------------------------
-# TODO: create command-line option for choosing config file.
conf = load_configuration('/etc/leap/soledad-server.conf')
state = CouchServerState(conf['couch_url'])
-application = SoledadAuthMiddleware(
- SoledadApp(state))
+# WSGI application that may be used by `twistd -web`
+application = SoledadAuthMiddleware(SoledadApp(state))
resource = WSGIResource(reactor, reactor.getThreadPool(), application)