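def delete_user(current_user, public_id):
    """Delete the user identified by ``public_id``; administrators only.

    Args:
        current_user: The authenticated caller. Its ``admin`` attribute
            decides whether the deletion is allowed.
        public_id: Public identifier of the account to remove.

    Returns:
        A ``(response, status)`` tuple with a JSON body under the ``data``
        key: 403 when the caller is not an admin, 404 when no user matches,
        401 when the delete itself raises, 200 on success.
    """
    # Fail closed. A missing caller object is treated like a non-admin
    # (presumably possible when the token's user no longer exists; verify
    # against the auth wrapper). The explicit 403 matters: without a status
    # code the denial was sent as HTTP 200, so clients, proxies and log-based
    # alerting could not tell a refused deletion from a successful call.
    if current_user is None or not current_user.admin:
        return jsonify({'data': "You don't have permission for this action."}), 403

    user = User.select().where(User.public_id == public_id).first()
    if not user:
        return jsonify({'data': 'No user found.'}), 404

    try:
        user.delete_instance()
    except Exception as e:
        # NOTE(review): the raw exception text goes back to the client and the
        # status is 401 although this is a server-side failure. Kept as-is for
        # existing callers; consider logging the error server-side and
        # returning a generic message with a 500 instead.
        return jsonify({'data': str(e)}), 401

    return jsonify({'data': 'The user has been successfully deleted!'}), 200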
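def decorated(*args, **kwargs):
    """Authenticate the request from the ``auth`` cookie, then call ``func``.

    The cookie must hold an HS256-signed JWT whose ``public_id`` claim
    matches an existing ``User``. On any failure (missing cookie, expired or
    invalid token, missing claim, unknown user) the client is redirected to
    ``/``. On success the wrapped ``func`` (taken from the enclosing scope,
    which is not visible here) is called with the user as its first argument.

    NOTE(review): authentication rides on a cookie, so state-changing routes
    behind this wrapper need CSRF protection (SameSite cookie attribute or a
    CSRF token). That is not visible from here; confirm it.
    """
    token = request.cookies.get('auth', default='', type=str)
    if not token:
        return redirect('/'), 302

    try:
        # Pass the allowed algorithms as a list: with a plain string the
        # allow-list test becomes a substring match, not an exact match.
        claims = jwt.decode(token, Settings.secret_key, algorithms=['HS256'])
    except Exception:
        # Expired, malformed and badly signed tokens are all handled the same
        # way. `except Exception` replaces the bare `except:` so that
        # KeyboardInterrupt and SystemExit are no longer swallowed.
        return redirect('/'), 302

    # A validly signed token without the expected claim is treated as invalid
    # instead of raising KeyError (which surfaced as a 500).
    public_id = claims.get('public_id')
    if public_id is None:
        return redirect('/'), 302

    current_user = User.select().where(User.public_id == public_id).first()
    if current_user is None:
        # The token outlived its account (e.g. the user was deleted). Never
        # hand None to the view: every `current_user.<attr>` check would
        # raise instead of denying access cleanly.
        return redirect('/'), 302

    return func(current_user, *args, **kwargs)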