Add a feature flag for disabling unauthenticated access to the registry in its entirety.

2015-05-19 17:52:44 -04:00 · 2015-05-19 17:52:44 -04:00 · 54992c23b7
commit 54992c23b7
parent 598fc6ec46
15 changed files with 147 additions and 25 deletions
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@ -15,6 +15,7 @@ from endpoints.api import (ApiResource, nickname, resource, validate_json_reques
                           RepositoryParamResource)
 from endpoints.api.subscribe import subscribe
 from endpoints.common import common_login
+from endpoints.decorators import anon_allowed
 from endpoints.api.team import try_accept_invite

 from data import model
@ -203,6 +204,7 @@ class User(ApiResource):
  @require_scope(scopes.READ_USER)
  @nickname('getLoggedInUser')
  @define_json_response('UserView')
+  @anon_allowed
  def get(self):
    """ Get user information for the authenticated user. """
    user = get_authenticated_user()
@ -498,6 +500,7 @@ class Signin(ApiResource):

  @nickname('signinUser')
  @validate_json_request('SigninUser')
+  @anon_allowed
  def post(self):
    """ Sign in the user with the specified credentials. """
    signin_data = request.get_json()