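def decorated(*args, **kwargs):
    """Run the wrapped callable only if the request's JWT carries a required grant.

    Reads the ``Authorization`` header from ``request``, validates the token
    with ``Token.is_valid`` and compares the whitespace-separated entries of
    ``token.grants`` against ``roles``. ``request``, ``Token``, ``Unauthorized``,
    ``roles`` and ``f`` come from the enclosing scope, which is not visible in
    this block.

    Returns:
        ``f(*args, **kwargs)`` when a grant matches a role; otherwise the
        value of ``Unauthorized(...)`` describing why access was refused
        (returned, not raised, as in the original).
    """
    auth_header = request.headers.get('Authorization')
    if not auth_header:
        return Unauthorized("No authorization header.")

    # The header is client-controlled. Anything other than exactly
    # "<scheme> <token>" previously raised ValueError during unpacking and
    # surfaced as an unhandled server error instead of a clean rejection.
    header_parts = auth_header.split()
    if len(header_parts) != 2:
        return Unauthorized("Malformed authorization header.")
    # NOTE(review): the scheme is parsed but never checked, so any scheme
    # word is accepted in front of the token. Whether to require "Bearer"
    # depends on the clients in use, which are not visible here.
    _auth_type, jwt_token = header_parts

    token = Token.is_valid(jwt_token)
    if not token:
        return Unauthorized("Invalid JWT Token.")

    # A token with no grants value is denied rather than failing on .split().
    for grant in (token.grants or "").split():
        for role in roles:
            # On a str role, `grant in role` is a substring test, so a grant
            # that is only part of a role name would be accepted. Compare
            # strings for equality; keep membership for container roles.
            # NOTE(review): the element type of `roles` is set by the
            # enclosing decorator; confirm it there.
            if isinstance(role, str):
                is_match = grant == role
            else:
                is_match = grant in role
            if is_match:
                return f(*args, **kwargs)
    return Unauthorized("JWT doesn't contain required grants.")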