Modify the backend so that instead of using the server owner's QRZ & HamQTH credentials, it instead requires them to be provided by the client (if none are provided, the lookups do not occur.)

2026-05-30 17:35:11 +00:00 · 2026-05-09 15:43:22 +01:00
parent 0988a567b8
commit f81ef4347f
18 changed files with 385 additions and 174 deletions
--- a/server/handlers/api/lookups.py
+++ b/server/handlers/api/lookups.py
@@ -11,6 +11,7 @@ from core.geo_utils import lat_lon_for_grid_sw_corner_plus_size, lat_lon_to_cq_z
 from core.prometheus_metrics_handler import api_requests_counter
 from core.sig_utils import get_ref_regex_for_sig, populate_sig_ref_info
 from core.utils import serialize_everything
+from data.lookup_credentials import extract_credentials
 from data.sig_ref import SIGRef
 from data.spot import Spot

@@ -39,8 +40,9 @@ class APILookupCallHandler(tornado.web.RequestHandler):
                if re.match(r"^[A-Z0-9/\-]*$", call):
                    # Take the callsign, make a "fake spot" so we can run infer_missing() on it, then repack the
                    # resulting data in the correct way for the API response.
+                    credentials = extract_credentials(query_params)
                    fake_spot = Spot(dx_call=call)
-                    fake_spot.infer_missing()
+                    fake_spot.infer_missing(credentials)
                    data = {
                        "call": call,
                        "name": fake_spot.dx_name,