Handle permission denied and relogin cases

2018-06-23 14:06:40 +00:00 · 2018-06-23 14:06:40 +00:00 · 5b4523c797
commit 5b4523c797
parent baa6de4f27
2 changed files with 22 additions and 4 deletions
--- a/re2oapi/client.py
+++ b/re2oapi/client.py
@ -57,8 +57,7 @@ class Re2oAPIClient:
        try:
            self.token = self._get_token_from_file()
        except exceptions.APIClientGenericError:
-            self.token = self._get_token_from_server()
-            self._save_token_to_file()
+            self._force_renew_token()

    @property
    def need_renew_token(self):
@ -141,6 +140,10 @@ class Re2oAPIClient:
            'expiration': iso8601.parse_date(response['expiration'])
        }

+    def _force_renew_token(self):
+        self.token = self._get_token_from_server()
+        self._save_token_to_file()
+
    def get_token(self):
        """Retrieves the token to use for the current connection.

@ -153,8 +156,8 @@ class Re2oAPIClient:
                renewed but the given credentials are not valid.
        """
        if self.need_renew_token:
-            self.token = self._get_token_from_server()
-            self._save_token_to_file()
+            # Renew the token only if needed
+            self._force_renew_token()
        return self.token['token']

    def _request(self, method, url, headers={}, params={}, *args, **kwargs):
@ -172,6 +175,18 @@ class Re2oAPIClient:
        response = getattr(requests, method)(
            url, headers=headers, params=params, *args, **kwargs
        )
+        if response.status_code == requests.codes.unauthorized:
+            # Force re-login to the server (case of a wrong token but valid
+            # credentials) and then retry the request without catching errors.
+            self._force_renew_token()
+            headers.update({
+                'Authorization': 'Token {}'.format(self.get_token())
+            })
+            response = getattr(requests, method)(
+                url, headers=headers, params=params, *args, **kwargs
+            )
+        if response.status_code == requests.codes.forbidden:
+            raise exceptions.PermissionDenied(method, url, self._username)
        response.raise_for_status()

        return response.json()
--- a/re2oapi/exceptions.py
+++ b/re2oapi/exceptions.py
@ -19,6 +19,9 @@ class InvalidCredentials(APIClientGenericError):
    template = "The credentials for {}@{} are not valid."


+class PermissionDenied(APIClientGenericError):
+    template = "The {} request to '{}' was denied for {}."
+
 class TokenFileNotFound(APIClientGenericError):
    template = "Token file at {} not found."