diff options
author | Frederick Muriuki Muriithi | 2024-07-25 14:54:43 -0500 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-07-26 16:45:30 -0500 |
commit | 0dd6a3b3c8464f80375918148fe2c6cdacd8f462 (patch) | |
tree | 358b87862c31f9f6a792e6bd547ec2ec8eb13a6f | |
parent | 8fad53065943cb5f909ae783db1b95f06faa8915 (diff) | |
download | gn-uploader-0dd6a3b3c8464f80375918148fe2c6cdacd8f462.tar.gz |
authorisation module: utilities for basic authorisation.
-rw-r--r-- | uploader/authorisation.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/uploader/authorisation.py b/uploader/authorisation.py new file mode 100644 index 0000000..71b42fa --- /dev/null +++ b/uploader/authorisation.py @@ -0,0 +1,28 @@ +"""Authorisation utilities.""" +from functools import wraps +from urllib.parse import urljoin + +from flask import flash, redirect + +from uploader import session +from uploader.oauth2.client import oauth2_client, authserver_uri + +def require_login(function): + """Check that the user is logged in before executing `func`.""" + @wraps(function) + def __is_session_valid__(*args, **kwargs): + """Check that the user is logged in and their token is valid.""" + def __clear_session__(_no_token): + session.clear_session_info() + flash("You need to be logged in.", "alert-danger") + return redirect("/") + + def __with_token__(token): + resp = oauth2_client().get( + urljoin(authserver_uri(), "auth/user/")) + userdetails = resp.json() + if not userdetails.get("error"): + return function(*args, **kwargs) + return __clear_session__(token) + return session.user_token().either(__clear_session__, __with_token__) + return __is_session_valid__ |