def handle(*args, **kwargs): basic = request.authorization if not basic: return abort(401) email = basic.username password = basic.password users = UserModel.fetch(UserModel.email == email) if len(users) == 0: return abort(401) user = users[0] if not user.check_password(password): return abort(401) kwargs['current_user'] = user return f(*args, **kwargs)