implement security

2024-04-25 16:13:09 +02:00
parent 62c96451d4
commit dc235b5d2c
3 changed files with 90 additions and 17 deletions
--- a/eveai_app/utils/security.py
+++ b/eveai_app/utils/security.py
@@ -0,0 +1,50 @@
+from functools import wraps
+from flask_jwt_extended import get_jwt, verify_jwt_in_request
+
+
+def super_required():
+    def wrapper(fn):
+        @wraps(fn)
+        def decorator(*args, **kwargs):
+            verify_jwt_in_request()
+            claims = get_jwt()
+            if not claims['is_super']:
+                return {'message': 'Authentication Error: Super users only!'}, 403
+            else:
+                return fn(*args, **kwargs)
+
+        return decorator
+    return wrapper
+
+
+# Decorators
+
+
+def admin_required():
+    def wrapper(fn):
+        @wraps(fn)
+        def decorator(*args, **kwargs):
+            verify_jwt_in_request()
+            claims = get_jwt()
+            if not claims['is_admin']:
+                return {'message': 'Authentication Error: Admins only!'}, 403
+            else:
+                return fn(*args, **kwargs)
+
+        return decorator
+    return wrapper
+
+
+def tester_required():
+    def wrapper(fn):
+        @wraps(fn)
+        def decorator(*args, **kwargs):
+            verify_jwt_in_request()
+            claims = get_jwt()
+            if not claims['is_tester']:
+                return {'message': 'Authentication Error: Testers only!'}, 403
+            else:
+                return fn(*args, **kwargs)
+
+        return decorator
+    return wrapper