aboutsummaryrefslogtreecommitdiff
path: root/api/hierarchy.py
diff options
context:
space:
mode:
authorlonkaars <l.leblansch@gmail.com>2021-03-23 19:44:43 +0100
committerlonkaars <l.leblansch@gmail.com>2021-03-23 19:44:43 +0100
commite2466a6e4cda8ade7d755beae2d74e13454e91fa (patch)
tree296dc6c576ea50211507060109fa5e8265dd7a68 /api/hierarchy.py
parent2e740cbf81f41804cdf7cf355c3d41de9eca2ac7 (diff)
auth_required decorator
Diffstat (limited to 'api/hierarchy.py')
-rw-r--r--api/hierarchy.py26
1 files changed, 26 insertions, 0 deletions
diff --git a/api/hierarchy.py b/api/hierarchy.py
new file mode 100644
index 0000000..6c1f0af
--- /dev/null
+++ b/api/hierarchy.py
@@ -0,0 +1,26 @@
+from flask import request
+from auth.login_token import token_login
+from db import cursor
+
+ranks = ["none", "user", "moderator", "admin", "bot"]
+
+def auth_required(level):
+ def decorator(func):
+ def wrapper():
+ token = request.cookies.get("token") or ""
+ if not token: return "", 403
+
+ user_id = token_login(token)
+ if not user_id: return "", 403
+
+ user_rank_text = cursor.execute("select type from users where user_id = ?", [user_id]).fetchone()[0]
+
+ required_rank = ranks.index(level)
+ user_rank = ranks.index(user_rank_text)
+ if required_rank > user_rank: return "", 403
+
+ return func(user_id)
+ wrapper.__name__ = func.__name__
+ return wrapper
+ return decorator
+