# SPDX-License-Identifier: Apache-2.0
from functools import wraps
from itsdangerous.url_safe import URLSafeSerializer
from flask import g, request, redirect, url_for, jsonify, session
from pyles.settings import SECRET_KEY
from pyles.db import User
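def token_required(f):
    """Protect an API view with the token sent in the ``Authorization`` header.

    The wrapped view runs only when the header is present, the token payload
    resolves to an existing ``User`` and ``User.verify_token`` accepts the
    token; ``g.user`` is set to that user before the view is called. Every
    failure returns a JSON error body with status 403.
    """

    @wraps(f)
    def inner(*args, **kwargs):
        token = request.headers.get("Authorization")
        if not token:
            return jsonify({"error": "Missing token"}), 403

        # loads_unsafe() decodes the payload even when the signature is bad, so
        # user_id is client-controlled here and only selects which user record
        # the token is checked against.
        # NOTE(review): the signature flag is discarded, which leaves
        # User.verify_token() as the only authentication check -- confirm it
        # validates the token itself (ideally with a constant-time comparison).
        _, user_id = URLSafeSerializer(SECRET_KEY).loads_unsafe(token)

        # Only a scalar id is a plausible payload; refuse anything else rather
        # than hand an arbitrary decoded structure to the database lookup.
        if isinstance(user_id, bool) or not isinstance(user_id, (int, str)):
            return jsonify({"error": "Invalid token"}), 403

        u: User = User.get_or_none(id=user_id)
        if u is None or not u.verify_token(token):
            return jsonify({"error": "Invalid token"}), 403

        g.user = u
        return f(*args, **kwargs)

    return inner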
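def login_required(f):
    """Protect a browser view with the token stored in the Flask session.

    The wrapped view runs only when ``session["token"]`` is present, its
    payload resolves to an existing ``User`` and ``User.verify_token`` accepts
    the token; ``g.user`` is set to that user before the view is called. On
    any failure the client is redirected to the ``index`` endpoint, and a
    token that was present but rejected is removed from the session.
    """

    @wraps(f)
    def inner(*args, **kwargs):
        token = session.get("token", None)
        if not token:
            return redirect(url_for("index"))

        # loads_unsafe() decodes the payload even when the signature is bad, so
        # user_id is not authenticated yet and only selects which user record
        # the token is checked against.
        # NOTE(review): the signature flag is discarded, which leaves
        # User.verify_token() as the only authentication check -- confirm it
        # validates the token itself (ideally with a constant-time comparison).
        _, user_id = URLSafeSerializer(SECRET_KEY).loads_unsafe(token)

        # Only a scalar id is a plausible payload; anything else is treated as
        # a rejected token instead of being passed to the database lookup.
        id_is_scalar = isinstance(user_id, (int, str)) and not isinstance(user_id, bool)
        u: User = User.get_or_none(id=user_id) if id_is_scalar else None

        if u is None or not u.verify_token(token):
            # Drop the rejected token so it is not re-evaluated on every request.
            session.pop("token", None)
            return redirect(url_for("index"))

        g.user = u
        return f(*args, **kwargs)

    return inner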