async def get_user(request, user, logged_user):
if logged_user.username == user and User.get(
logged_user.username) is not None:
return json(User.get(user).export())
return json(
{
'error': 'You cannot access these information',
'code': 403
},
status=403)
def wrappee(*args, **kwargs):
headers = args[0].headers
if 'authorization' not in headers.keys():
return json({
'error': 'Missing Authorization header',
'code': 401
},
status=401)
try:
json_user = jwt.decode(headers['authorization'],
config.secret,
algorithms=['HS256'])
except jwt.exceptions.DecodeError as e:
return json({
'error': 'Invalid Authorization token',
'code': 401
},
status=401)
kwargs['logged_user'] = User.get(json_user['username'])
return f(*args, **kwargs)