Put endpoints behind an authorisation check

Put all endpoints that cause data changes behind authorisation.
author: Frederick Muriuki Muriithi 2024-07-29 14:38:32 -0500
committer: Frederick Muriuki Muriithi 2024-08-05 09:52:18 -0500
commit: d3fd64fb5237febb9628c4ccbd259969327ab2ec (patch)
tree: 81ef0ec177188ca80b6f95c277bf9684cfaddccd /uploader/entry.py
parent: 09642e11e318d149cf628d6b536e04443845665d (diff)
download: gn-uploader-d3fd64fb5237febb9628c4ccbd259969327ab2ec.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/uploader/entry.py b/uploader/entry.py
index 941200a..82034ed 100644
--- a/uploader/entry.py
+++ b/uploader/entry.py
@@ -16,6 +16,7 @@ from flask import (
     send_from_directory)
 
 from uploader.db import species
+from uploader.authorisation import require_login
 from uploader.db_utils import with_db_connection
 from uploader.oauth2.client import user_logged_in
 
@@ -91,6 +92,7 @@ def index():
     return render_template("index.html" if user_logged_in() else "login.html")
 
 @entrybp.route("/upload", methods=["GET", "POST"])
+@require_login
 def upload_file():
     """Enables uploading the files"""
     if request.method == "GET":
@@ -123,6 +125,7 @@ def upload_file():
                             filetype=request.form["filetype"]))
 
 @entrybp.route("/data-review", methods=["GET"])
+@require_login
 def data_review():
     """Provide some help on data expectations to the user."""
     return render_template("data_review.html")
author	Frederick Muriuki Muriithi	2024-07-29 14:38:32 -0500
committer	Frederick Muriuki Muriithi	2024-08-05 09:52:18 -0500
commit	d3fd64fb5237febb9628c4ccbd259969327ab2ec (patch)
tree	81ef0ec177188ca80b6f95c277bf9684cfaddccd /uploader/entry.py
parent	09642e11e318d149cf628d6b536e04443845665d (diff)
download	gn-uploader-d3fd64fb5237febb9628c4ccbd259969327ab2ec.tar.gz