You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
54 lines
1.5 KiB
54 lines
1.5 KiB
from functools import wraps |
|
from flask import ( |
|
request, Response, session, flash, redirect, url_for, abort |
|
) |
|
from settings import app_password, app_user |
|
import random |
|
import string |
|
|
|
|
|
def csrf_token_generator(size=40, chars=string.ascii_uppercase + string.digits): |
|
return ''.join(random.choice(chars) for _ in range(size)) |
|
|
|
|
|
def check_basic_auth(user, passwd): |
|
if user != app_user or passwd != app_password: |
|
return False |
|
else: |
|
return True |
|
|
|
|
|
def authenticate(): |
|
"""Sends a 401 response that enables basic auth""" |
|
return Response( |
|
'Could not verify your access level for that URL.\n' |
|
'You have to login with proper credentials', 401, |
|
{'WWW-Authenticate': 'Basic realm="Login Required"'} |
|
) |
|
|
|
|
|
def requires_auth(f): |
|
''' |
|
REQUEST.json |
|
only gets basic authentication |
|
REQUEST.get |
|
redirect to login page |
|
''' |
|
@wraps(f) |
|
def decorated(*args, **kwargs): |
|
if request.json: |
|
auth = request.headers.get('Authorization') |
|
if auth.startswith('Basic'): |
|
basic_auth = request.authorization |
|
if not check_basic_auth(basic_auth.username, basic_auth.password): |
|
abort(401) |
|
else: |
|
abort(401) |
|
return f(*args, **kwargs) |
|
|
|
auth = session.get('logged_in') |
|
if not auth: |
|
flash('You are not authorized') |
|
return redirect(url_for('hello_world')) |
|
return f(*args, **kwargs) |
|
return decorated
|
|
|