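def before_decorator():
    """Authenticate the current request before it is handled.

    Presumably registered as a before-request hook (registration is not
    visible here). A request passes through unchecked when it is an
    ``OPTIONS`` request, targets the ``registration`` or ``login``
    endpoint, or carries the shared bypass value in the ``pass`` header.
    Every other request must authenticate, and on success the user is
    stored in ``g.user``.

    Returns:
        None when the request may proceed; otherwise a ``Response`` with
        status 401 describing the failure.
    """
    # Function-scope import: the file's import block is not visible here.
    import hmac

    # NOTE(review): hard-coded shared secret that switches authentication
    # off for whoever holds it. It should come from protected configuration
    # and be rotated, since it has been committed to source.
    bypass_secret = 'sL36KjRf5oAc79ifhPJAz1bqi03WQPCC'

    endpoint = request.endpoint
    try:
        is_exempt = (
            request.method == 'OPTIONS'
            # Equality, not identity: `is` against a string literal only
            # matches when the interpreter happens to intern both objects.
            or endpoint in ('registration', 'login')
            # Constant-time comparison so response timing does not reveal
            # how much of the supplied value matched.
            or hmac.compare_digest(
                (request.headers.get("pass") or "").encode("utf-8"),
                bypass_secret.encode("utf-8"))
        )
        if not is_exempt:
            token = request.headers.get("Token")
            fblogin = False
            # `in` replaces the Python-2-era has_key() on the headers object.
            if "X-Api-Key" in request.headers:
                fblogin = json.loads(request.headers["X-Api-Key"])
            if fblogin:
                # NOTE(review): this branch stores the raw Token header as
                # the user identity without verifying it, so g.user is
                # client-controlled here. The token should be validated
                # server-side (signature / identity-provider check) before
                # it is trusted.
                user = token
            else:
                # NOTE(review): the signing key is the literal 'secret' and
                # should come from protected configuration. The token also
                # carries the user's password; a JWT payload is signed, not
                # encrypted, so the password is readable by anyone who
                # obtains the token.
                claims = jwt.decode(request.headers["Token"],
                                    'secret',
                                    algorithms=['HS256'])
                user = claims.get("user")
                password = claims.get("password")

                res = UsersRDB.validate_info(user)
                if not check_password_hash(res, password):
                    raise ValueError("Your information cannot be identify!")
            g.user = user
    except Exception as exp:
        # NOTE(review): the exception text is echoed to the client, which
        # can expose internal details; consider logging it server-side and
        # returning only the generic line. The body is plain text although
        # the content type says JSON.
        rsp_txt = "ERROR: Unauthorized user. Login required.\n{}".format(exp)
        # 401 Unauthorized; the previous 504 means Gateway Timeout and
        # misreports an authentication failure as an upstream fault.
        return Response(rsp_txt,
                        status=401,
                        content_type="application/json")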
 def validate(cls, info):
     """Check the credentials held in a single-entry mapping.

     ``info`` must contain exactly one item, unpacked as
     ``{email: password}``; any other size raises ``ValueError`` from the
     unpacking below.

     Returns the result of ``check_password_hash`` for the value looked up
     via ``UsersRDB.validate_info`` and the supplied password.
     """
     [(email, candidate_password)] = info.items()
     # Presumably the stored password hash for this email; confirm against
     # UsersRDB.validate_info, including what it returns for unknown users.
     stored = UsersRDB.validate_info(email)
     return check_password_hash(stored, candidate_password)