Reference¶

This is a reference of all the methods withing the API.

Middleware¶

class sikre.middleware.handle_404.WrongURL[source]¶

process_response(req, resp, resource='')[source]¶

Intercept main 404 response by Falcon

If the API hits a non existing endpoint, it will trigger a customized 404 response that will redirect people to the documentation.

Raises:	HTTP 404 – A falcon.HTTP_404 error
Returns:	A customized JSON response
Return type:	JSON

class sikre.middleware.headers.BaseHeaders[source]¶

process_request(req, res)[source]¶

Process the request before entering in the API

Before we process anything in the API, we reset the Origin header to match the address from the request.

Parameters:	Access-Control-Allow-Origin – Change the origin to the URL that made the request.
Raises:	HTTP Error – An HTTP error in case the Origin header doesn’t match the predefined regular expression.
Returns:	A modified set of headers.
Return type:	HTTP headers

process_response(req, res, resource)[source]¶

Process the response before returning it to the client.

In the reutrning reponse we change some values to be able to overcome the CORS protection and mask the origin server. The CORS interaction is protected by a check agains a regular expression to make sure the origin is a website-like URL.

Warning

If you are really concerned about security, you can deactivate the CORS allowance by turning CORS_ACTIVE to False in your settings file. That will force the application to answer to the SITE_DOMAIN domain.

Parameters:	Server (string) – Changes the server name sent to the browser in the response to avoid exposure of name and version of the same. Access-Control-Allow-Origin (string) – Change the origin name to match the one that made the request. That way we can allow CORS anywhere.
Raises:	HTTP Error – An HTTP error in case the Origin header doesn’t match the predefined regular expression.
Returns:	A modified set of headers
Return type:	HTTP headers

class sikre.middleware.https.RequireHTTPS[source]¶

Force the connection to be HTTPS.

Middleware that intercepts all the requests and checks that is over an HTTPS protocol before continuing. The only exception to this is the DEBUG mode, in which we allow connections from non-HTTPS sources.

Raises:	HTTP Bad Request – If the connection is not HTTPS the API will complain
Returns:	Error mentioning the HTTPS connection is required
Return type:	JSON

class sikre.middleware.json.RequireJSON[source]¶

class sikre.middleware.json.JSONTranslator[source]¶