Hello,
citing
*http://stackoverflow.com/questions/30237946/google-app-engine-inter-module-communication-authorization#comment49814138_30237946*
the problem I have is that in the Docs (communication between modules)
<https://cloud.google.com/appengine/docs/python/modules/#Python_Communication_between_modules>
it
says:
*You can configure any manual or basic scaling module to accept requests
> from other modules in your app by restricting its handler to only allow
> administrator accounts, specifying login: admin for the appropriate handler
> in the module's configuration file. With this restriction in place, any
> URLFetch from any other module in the app will be automatically
> authenticated by App Engine, and any request that is not from the
> application will be rejected.*
>
And this is exactly the configuration I have for my module called "api1".
In my *app.yaml* file I have:
# can accept requests from other modules. with login: admin and they are
authenticated automatically.
- url: /.*
script: _go_app
login: admin
I'm trying now, from a different module in the same app, to make a service
call as suggested in the doc using *urfetch.fetch()* method, and my
implementation is:
from google.appengine.api import urlfetch, modules, app_identity
from rest_framework.response import Response, status
@api_view(['POST'])
def validate_email(request):
url = "http://%s/"; % modules.get_hostname(module="api1")
payload = json.dumps({"SOME_KEY":"SOME_VALUE"})
appid = app_identity.get_application_id()
result = urlfetch.fetch(url + "emails/validate/document",
follow_redirects=False,
method=urlfetch.POST,
payload=payload,
headers={"Content-Type":"application/json")
return Response({
'status_code': result.status_code,
'content': result.content
}, status=status.HTTP_200_OK)
According to the documentation, having specified the
*follow_redirects=False*, *fetch()* will automatically insert an header in
my call (I've even tried to add it explicitly) with the
*"X-Appengine-Inbound-Appid"
: MY-APP-ID*.
Unfortunately I get as result of the fetch call a 302 redirect, if I follow
it, it's a redirect to the authentication form. This occurs in Development
server as well as in Production.
Can you please let me know how can I call my *api1* service inside my
*validate_email* document (belonging to a different module in the same app)?
Is there another way to authenticate the call since it seems the way
suggested inside the documentation is not working?
Thank you
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to google-appengine+unsubscr...@googlegroups.com.
To post to this group, send email to google-appengine@googlegroups.com.
Visit this group at http://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/d4c88649-5b86-47a6-a22c-0e01064a90db%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
