diff options
author | lonkaars <l.leblansch@gmail.com> | 2021-03-23 19:44:43 +0100 |
---|---|---|
committer | lonkaars <l.leblansch@gmail.com> | 2021-03-23 19:44:43 +0100 |
commit | e2466a6e4cda8ade7d755beae2d74e13454e91fa (patch) | |
tree | 296dc6c576ea50211507060109fa5e8265dd7a68 /api/hierarchy.py | |
parent | 2e740cbf81f41804cdf7cf355c3d41de9eca2ac7 (diff) |
auth_required decorator
Diffstat (limited to 'api/hierarchy.py')
-rw-r--r-- | api/hierarchy.py | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/api/hierarchy.py b/api/hierarchy.py new file mode 100644 index 0000000..6c1f0af --- /dev/null +++ b/api/hierarchy.py @@ -0,0 +1,26 @@ +from flask import request +from auth.login_token import token_login +from db import cursor + +ranks = ["none", "user", "moderator", "admin", "bot"] + +def auth_required(level): + def decorator(func): + def wrapper(): + token = request.cookies.get("token") or "" + if not token: return "", 403 + + user_id = token_login(token) + if not user_id: return "", 403 + + user_rank_text = cursor.execute("select type from users where user_id = ?", [user_id]).fetchone()[0] + + required_rank = ranks.index(level) + user_rank = ranks.index(user_rank_text) + if required_rank > user_rank: return "", 403 + + return func(user_id) + wrapper.__name__ = func.__name__ + return wrapper + return decorator + |