def authenticate(username, password):
user = PAUser.query.filter_by(email_address=username).first()
if user is None:
raise Unauthorized()
if not user.logged:
raise Unauthorized('User is not logged.')
return user
def login():
try:
req_auth = request.authorization
except Exception as e:
raise Unauthorized('No authorization token provided.')
if req_auth is None:
raise Unauthorized('No authorization token provided')
user = self.login(req_auth.username, req_auth.password)
return _get_user(user, user.id)
def call(*args, **kwargs):
try:
req_auth = request.authorization
except Exception as e:
raise Unauthorized('No authorization token provided.')
if req_auth is None:
raise Unauthorized('No authorization token provided')
return func(
self.authenticate(req_auth.username, req_auth.password), *args,
**kwargs)
def call(user, character_id, *args, **kwargs):
if user.last_character_id != character_id:
raise Unauthorized('Cannot modify character.')
character = self.character_class.query.filter_by(
id=character_id).first()
return func(user, character, *args, **kwargs)
def login(email_address, password):
user = PAUser.query.filter_by(email_address=email_address).first()
if user is None:
raise Unauthorized()
user.logged = True
db.session.commit()
character = Pony.query.filter_by(id=user.last_character_id).first()
if character is not None:
if character.energy < 0.1:
character.location = 'ponyland_kindergarden'
character.energy = 1
# TODO set right event
db.session.commit()
return user
def prepared_func(user, *args, **kwargs):
if user.role == UserRoles.REGULAR:
raise Unauthorized('Not for you, little guy.')
return func(user, *args, **kwargs)
def _get_user(user, user_id):
if user.id != user_id:
raise Unauthorized(
'You are not authorized to get other users info.')
return jsonify(user.to_json())
def call(username, password):
user = func(username, password)
if user.state != UserStates.ACTIVE:
raise Unauthorized('Inactive user.')
return user