sections: plugin_hooks:plugin-hook-actor-from-request
This data as json
| id | page | ref | title | content | breadcrumbs | references |
|---|---|---|---|---|---|---|
| plugin_hooks:plugin-hook-actor-from-request | plugin_hooks | plugin-hook-actor-from-request | actor_from_request(datasette, request) | datasette - Datasette class You can use this to access plugin configuration options via datasette.plugin_config(your_plugin_name) , or to execute SQL queries. request - Request object The current HTTP request. This is part of Datasette's authentication and permissions system . The function should attempt to authenticate an actor (either a user or an API actor of some sort) based on information in the request. If it cannot authenticate an actor, it should return None , otherwise it should return a dictionary representing that actor. Once a plugin has returned an actor from this hook other plugins will be ignored. Here's an example that authenticates the actor based on an incoming API key: from datasette import hookimpl import secrets SECRET_KEY = "this-is-a-secret" @hookimpl def actor_from_request(datasette, request): authorization = ( request.headers.get("authorization") or "" ) expected = "Bearer {}".format(SECRET_KEY) if secrets.compare_digest(authorization, expected): return {"id": "bot"} If you install this in your plugins directory you can test it like this: curl -H 'Authorization: Bearer this-is-a-secret' http://localhost:8003/-/actor.json Instead of returning a dictionary, this function can return an awaitable function which itself returns either None or a dictionary. This is useful for authentication functions that need to make a database query - for example: from datasette import hookimpl @hookimpl def actor_from_request(datasette, request): async def inner(): token = request.args.get("_token") if not token: return None # Look up ?_token=xxx in sessions table result = await datasette.get_database().execute( "select count(*) from sessions where token = ?", [token], ) if result.first()[0]: return {"token": token} else: return None return inner Examples: datasette-auth-tokens , datasette-auth-passwords | ["Plugin hooks"] | [{"href": "https://datasette.io/plugins/datasette-auth-tokens", "label": "datasette-auth-tokens"}, {"href": "https://datasette.io/plugins/datasette-auth-passwords", "label": "datasette-auth-passwords"}] |