diff options
| author | lonkaars <l.leblansch@gmail.com> | 2021-03-23 19:44:43 +0100 |
|---|---|---|
| committer | lonkaars <l.leblansch@gmail.com> | 2021-03-23 19:44:43 +0100 |
| commit | e2466a6e4cda8ade7d755beae2d74e13454e91fa (patch) | |
| tree | 296dc6c576ea50211507060109fa5e8265dd7a68 /api/user | |
| parent | 2e740cbf81f41804cdf7cf355c3d41de9eca2ac7 (diff) | |
auth_required decorator
Diffstat (limited to 'api/user')
| -rw-r--r-- | api/user/preferences.py | 24 | ||||
| -rw-r--r-- | api/user/status.py | 10 |
2 files changed, 7 insertions, 27 deletions
diff --git a/api/user/preferences.py b/api/user/preferences.py index 057bf41..9791bfe 100644 --- a/api/user/preferences.py +++ b/api/user/preferences.py @@ -1,7 +1,7 @@ from flask import Blueprint, request from db import cursor, connection -from auth.login_token import token_login from ruleset import resolve_ruleset +from hierarchy import auth_required import json def format_preferences(prefs): @@ -18,30 +18,16 @@ def format_preferences(prefs): preferences = Blueprint('preferences', __name__) @preferences.route('/preferences', methods = ["GET"]) -def get_preferences(): - data = request.get_json() - - token = request.cookies.get("token") or "" - - if not token: return "", 401 - login = token_login(token) or "" - - if not login: return "", 403 - +@auth_required("user") +def get_preferences(login): user_prefs = cursor.execute("select preferences from users where user_id = ?", [login]).fetchone() return { "preferences": format_preferences(json.loads(user_prefs[0])) }, 200 @preferences.route('/preferences', methods = ["POST"]) -def index(): +@auth_required("user") +def index(login): data = request.get_json() - new_preferences = data.get("newPreferences") or "" - token = request.cookies.get("token") or "" - - if not token: return "", 401 - login = token_login(token) or "" - - if not login: return "", 403 formatted_json = format_preferences(new_preferences) diff --git a/api/user/status.py b/api/user/status.py index e2895d5..030a4ef 100644 --- a/api/user/status.py +++ b/api/user/status.py @@ -1,21 +1,15 @@ from flask import Blueprint, request from db import cursor, connection -from auth.login_token import token_login +from hierarchy import auth_required import json status = Blueprint('user_status', __name__) @status.route('/status', methods = ['POST']) +@auth_required("user") def index(): data = request.get_json() - status = data.get("status") or "" - token = request.cookies.get("token") or "" - - if not token: return "", 401 - login = token_login(token) or "" - - if not login: return "", 403 if not status: return "", 400 cursor.execute("update users set status = ? where user_id = ?", [status[0:200], login]) |