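def auth_required(f):
    """Require a valid, unexpired ``X-AuthToken`` header before calling *f*.

    The header value is looked up with ``Token.query.get``. On success the
    wrapped callable is invoked with the resolved token as the ``token``
    keyword argument.

    Returns:
        Whatever *f* returns, or a ``(body, status)`` tuple:
        403 when the header is missing or empty, the token is unknown, or
        the token has expired (an expired token is deleted and the deletion
        committed); 500 when any exception is raised, including one raised
        by *f* itself, after the session has been rolled back.
    """
    @wraps(f)
    def decorated(*args, **kwargs):
        try:
            # Use .get() rather than indexing: a missing header must produce
            # the 403 below. Indexing raised on absence, so the request fell
            # into the generic handler and was answered with a 500 instead.
            raw_token = request.headers.get('X-AuthToken')
            if not raw_token:
                return {'state': 'fail', 'message': 'Authorization required'}, 403

            token = Token.query.get(raw_token)
            if token is None:
                return {'state': 'fail', 'message': 'Invalid token'}, 403

            # NOTE(review): this compares against naive local time; confirm
            # that expires_at is stored in the same (naive, local) form.
            if token.expires_at is not None and token.expires_at < datetime.datetime.now():
                # Expired tokens are purged so they cannot be presented again.
                token.delete()
                db.session.flush()
                db.session.commit()
                return {'state': 'fail', 'message': 'Token was expired'}, 403

            return f(*args, token=token, **kwargs)
        except Exception as e:
            db.session.rollback()
            # Full details (with traceback) stay in the server log.
            log.exception(e)
            # Do not echo str(e) to the client: exception text can expose
            # internals (queries, paths, library messages) to an
            # unauthenticated caller.
            return {'state': 'fail', 'message': 'Internal server error'}, 500
    return decorated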