def login_required(f):
"""
Decorator function for routes
Checks Authorization header, token validity and injects user into flask global variable g
"""
@wraps(f)
def decorated_function(*args, **kwargs):
if current_app.config["AUTH"] == Config.NONE:
g.user = User("Gandalf", superadmin=True)
return f(*args, **kwargs)
if not request.headers.get('Authorization'):
return "Missing authorization header", 401
try:
payload = LoginService.parse_api_token(request)
except DecodeError:
return 'Token is invalid', 401
except ExpiredSignature:
return 'Token has expired', 401
g.user = User.query.filter_by(username=payload['username']).first()
return f(*args, **kwargs)
return decorated_function
评论列表
文章目录
