def get_current_user():
app = server.get_app()
dbo = app.user_dbo
token = request.headers['X-API-KEY']
user = dbo.read_by_key(token)
return user
def decorated(*args, **kwargs):
app = server.get_app()
dbo = app.user_dbo
token = request.headers['X-API-KEY']
user = dbo.read_by_key(token)
user_role = UserRole.select().where(UserRole.id==user.role_id).get()
if not user_role.role in roles:
return {'message' : 'You are not authorized.'}, 401
return f(*args, **kwargs)
def decorated(*args, **kwargs):
app = server.get_app()
dbo = app.user_dbo
user = dbo.read_by_id(current_user.id)
user_role = UserRole.select().where(
UserRole.id == user.role_id).get()
if not user_role.role in roles:
message = "Unauthorized"
description = "You do not have authorization to enter this page"
return render_message(message, description)
return f(*args, **kwargs)
def decorated(*args, **kwargs):
app = server.get_app()
dbo = app.user_dbo
token = None
if 'X-API-KEY' in request.headers:
token = request.headers['X-API-KEY']
if not token:
return {'message' : 'Key is missing.'}, 401
if not dbo.verify_key(token):
return {'message' : 'Invalid credentials!!!'}, 401
return f(*args, **kwargs)
# -*- coding: utf-8 -*-
# app/api/supervisor.py
from flask import request
from flask_restplus import Resource, fields
from playhouse.shortcuts import model_to_dict
from app.server import server
from app.models import OrderState
from .utils import token_required, role_required, get_current_user
api = server.get_api()
app = server.get_app()
ns = server.get_namespace("supervisor")
@ns.route('/states')
class SupervisorStateCollectionResource(Resource):
@api.doc(security='apikey')
@token_required
def get(self):
result = list()
states = OrderState.select()
for state in states:
result.append(state.state)
return result
