Add a special api_login_required which does not generate the signin redirect.

endpoints/api.py

@@ -16,6 +16,15 @@ from auth.permissions import (ReadRepositoryPermission,
 logger = logging.getLogger(__name__)
 
 
+def api_login_required(f):
+  @wraps(f)
+  def decorated_view(*args, **kwargs):
+    if not current_user.is_authenticated():
+      abort(401)
+    return f(*args, **kwargs)
+  return decorated_view
+
+
 @app.errorhandler(model.DataModelException)
 def handle_dme(ex):
   return make_response(ex.message, 400)
@@ -27,7 +36,7 @@ def welcome():
 
 
 @app.route('/api/user/')
-@login_required
+@api_login_required
 def get_logged_in_user():
   user = current_user.db_user
   return jsonify({
@@ -49,13 +58,13 @@ def get_matching_users(prefix):
 
 
 @app.route('/api/repository/', methods=['POST'])
-@login_required
+@api_login_required
 def create_repo_api():
   pass
 
 
 @app.route('/api/repository/find/<prefix>', methods=['GET'])
-@login_required
+@api_login_required
 def match_repos_api(prefix):
   def repo_view(repo):
     return {
@@ -74,7 +83,7 @@ def match_repos_api(prefix):
 
 
 @app.route('/api/repository/', methods=['GET'])
-@login_required
+@api_login_required
 def list_repos_api():
   def repo_view(repo_obj):
     return {
@@ -94,7 +103,7 @@ def list_repos_api():
 
 
 @app.route('/api/repository/<path:repository>', methods=['PUT'])
-@login_required
+@api_login_required
 @parse_repository_name
 def update_repo_api(namespace, repository):
   permission = ModifyRepositoryPermission(namespace, repository)
@@ -112,7 +121,7 @@ def update_repo_api(namespace, repository):
 
 
 @app.route('/api/repository/<path:repository>/changevisibility', methods=['POST'])
-@login_required
+@api_login_required
 @parse_repository_name
 def change_repo_visibility_api(namespace, repository):
   permission = AdministerRepositoryPermission(namespace, repository)
@@ -137,7 +146,7 @@ def image_view(image):
 
 
 @app.route('/api/repository/<path:repository>', methods=['GET'])
-@login_required
+@api_login_required
 @parse_repository_name
 def get_repo_api(namespace, repository):
   logger.debug('Get repo: %s/%s' % (namespace, repository))
@@ -183,7 +192,7 @@ def role_view(repo_perm_obj):
 
 @app.route('/api/repository/<path:repository>/tag/<tag>/images',
            methods=['GET'])
-@login_required
+@api_login_required
 @parse_repository_name
 def list_tag_images(namespace, repository, tag):
   permission = ReadRepositoryPermission(namespace, repository)
@@ -203,7 +212,7 @@ def list_tag_images(namespace, repository, tag):
 
 
 @app.route('/api/repository/<path:repository>/permissions/', methods=['GET'])
-@login_required
+@api_login_required
 @parse_repository_name
 def list_repo_permissions(namespace, repository):
   permission = AdministerRepositoryPermission(namespace, repository)
@@ -220,7 +229,7 @@ def list_repo_permissions(namespace, repository):
 
 @app.route('/api/repository/<path:repository>/permissions/<username>',
            methods=['GET'])
-@login_required
+@api_login_required
 @parse_repository_name
 def get_permissions(namespace, repository, username):
   logger.debug('Get repo: %s/%s permissions for user %s' %
@@ -235,7 +244,7 @@ def get_permissions(namespace, repository, username):
 
 @app.route('/api/repository/<path:repository>/permissions/<username>',
            methods=['PUT', 'POST'])
-@login_required
+@api_login_required
 @parse_repository_name
 def change_permissions(namespace, repository, username):
   permission = AdministerRepositoryPermission(namespace, repository)
@@ -262,7 +271,7 @@ def change_permissions(namespace, repository, username):
 
 @app.route('/api/repository/<path:repository>/permissions/<username>',
            methods=['DELETE'])
-@login_required
+@api_login_required
 @parse_repository_name
 def delete_permissions(namespace, repository, username):
   permission = AdministerRepositoryPermission(namespace, repository)