tobias/lrc-backend
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
master
lrc-backend/backend/auth/utils.py
Tobias Kurze 437cec38e0 added permission checks to user and recorder API
2020-08-06 15:23:14 +02:00

37 lines
1.0 KiB
Python
Raw Permalink Blame History

import flask_jwt_extended
from flask_jwt_extended import jwt_optional, get_jwt_identity
from functools import wraps
from flask_restx import abort
from backend import jwt_auth
from backend.models.user_model import User
def requires_permission_level(permission_level):
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
# if flask_jwt_extended.verify_jwt_in_request():
current_user_id = get_jwt_identity()
user = User.get_by_identifier(current_user_id)
if user is not None:
if not user.has_permission(permission_level):
abort(401, f"You are missing the permission: {permission_level}")
return f(*args, **kwargs)
return decorated_function
return decorator
def require_jwt():
def decorator(f):
@wraps(f)
def decorated_function(*args, **kwargs):
return jwt_auth.login_required(jwt_optional(f(*args, **kwargs)))
return decorated_function
return decorator
Reference in New Issue View Git Blame Copy Permalink