API Documentation

Web Token REST API

The Rutabaga API provides the following endpoints:

Rootapi service at /

GET

Provide a simple text response with the X-Rutabaga-Revision header set to the current revision_id.

Response: cornicejson

Tokenapi service at /tokens/{username}

DELETE

Invalidate an existing token.

Param secret:

auth token id.

Response: cornicejson

Collection_Tokenapi service at /tokens

POST

Get a new time limited auth token.

Param username:

a unique identifier for this token.

Returns:

A json object in the form: {‘username’: username, ‘secret’: unique_id, ‘timestamp’: timestamp}

Response: cornicejson

Tokenvalidationapi service at /validate

POST

Validate a token (username and secret pair).

Param username:

username for existing token.

Param secret:

secret of existing token.

Response: cornicejson

Auth API

The auth module provides methods for creating, persisting, invaliding and deleting tokens. Tokens are persisted to a sqlite3 store.

rutabaga.auth.create_token(username, conn=None)

Create a unique token, or return existing valid token.

‘username secret’ are effectively ‘username password’ for proxy basic auth.

rutabaga.auth.delete_invalid_tokens(conn=None)

Delete invalid tokens.

Called from sweeper.

rutabaga.auth.invalidate_token(username, conn=None)

Invalidate a token.

rutabaga.auth.retrieve_token(username, secret, conn=None)

Retrieve a valid token from database by secret.

rutabaga.auth.store_token(token, conn=None)

Persist token.