def decorated(*args, **kwargs):
request = get_request(*args, **kwargs)
res = f(*args, **kwargs)
if res.status == 200:
# if user didn't set status code, use 401
res.status = 401
if "WWW-Authenticate" not in res.headers.keys():
res.headers["WWW-Authenticate"] = self.authenticate_header(request)
return res
def decorated(*args, **kwargs):
request = get_request(*args, **kwargs)
auth = self.get_auth(request)
request.headers["authorization"] = auth
# Sanic-CORS normally handles OPTIONS requests on its own, but in the
# case it is configured to forward those to the application, we
# need to ignore authentication headers and let the request through
# to avoid unwanted interactions with CORS.
if request.method != "OPTIONS": # pragma: no cover
password = self.get_auth_password(auth)
if not self.authenticate(request, auth, password):
return self.auth_error_callback(request)
return f(*args, **kwargs)
def decorated(*args, **kwargs):
request = get_request(*args, **kwargs)
selected_auth = None
if "Authorization" in request.headers:
try:
scheme, creds = request.headers["Authorization"].split(None, 1)
except ValueError:
# malformed Authorization header
pass
else:
for auth in self.additional_auth:
if auth.scheme == scheme:
selected_auth = auth
break
if selected_auth is None:
selected_auth = self.main_auth
return selected_auth.login_required(f)(*args, **kwargs)
