def wrapper(*args, **kwargs):
access_token = request.headers.get('Authorization')
if access_token:
user_id = User.decode_token(access_token)
if isinstance(user_id, str):
abort(404, user_id)
request.user_id = user_id
return func(*args, **kwargs)
def wrapper(*args, **kwargs):
access_token = request.headers.get('Authorization')
if access_token:
user_id = User.decode_token(access_token)
user = User.query.get(user_id)
if not user.is_admin:
abort(401, 'You\'re not authorized to perform this action.')
request.user_id = user_id
return func(*args, **kwargs)