def auth_required(role_whitelist):
"""A decorator that keeps the function from being called without auth.
role_whitelist can be a string or list of strings specifying one or
more roles that are allowed to call the function. """
assert role_whitelist, "Can't call `auth_required` with empty role_whitelist."
if type(role_whitelist) != list:
role_whitelist = [role_whitelist]
def auth_required_wrapper(func):
def wrapped(*args, **kwargs):
appid = app_identity.get_application_id()
# Only enforce HTTPS and auth for external requests; requests made for data generation
# are allowed through (when enabled).
if not _is_self_request():
if request.scheme.lower() != 'https' and appid not in ('None', 'testbed-test', 'testapp'):
raise Unauthorized('HTTPS is required for %r' % appid)
check_auth(role_whitelist)
return func(*args, **kwargs)
return wrapped
return auth_required_wrapper
评论列表
文章目录
