def _role_required(action, req, resp, handler, params, extra_params):
login_required(action, req, resp, handler, params, extra_params)
user = fail_if_none(
utils.get_by_id(handler.db, req.context['user']['_id']),
falcon.HTTPForbidden('Forbidden', 'Access denied')
)
if role not in user.get('roles', []):
raise falcon.HTTPForbidden('Forbidden', 'Access denied')
def login(self, req, resp):
_json_middleware = JSON()
_json_middleware.process_resource(req, resp, True)
if req.method == 'OPTIONS':
return
if req.method != 'POST':
raise falcon.HTTPMethodNotAllowed(('POST', 'OPTIONS'))
self.user_validate.validate(req.context['doc'])
user = fail_if_none(
utils.get_by_username(self.app.db, req.context['doc']['username']),
falcon.HTTPBadRequest('Bad request', 'User not found')
)
if not self.verify_password(req.context['doc']['password'], user.get('password')):
raise falcon.HTTPBadRequest('Bad request', 'Wrong password')
req.context['result'] = {'token': utils.token_encode(
{'_id': str(user['_id']), 'roles': user.get('roles', []), 'username': user['username']}
)}
_json_middleware.process_response(req, resp, True)
def item_or_404(item):
return utils.fail_if_none(item, falcon.HTTPNotFound)