def _role_required(action, req, resp, handler, params, extra_params):
    """Reject the request unless the authenticated user holds ``role``.

    ``role`` is a free variable here; presumably it is bound by an enclosing
    decorator factory that is not visible in this block (confirm).

    The check runs in two stages:

    1. ``login_required`` is called with the same arguments, so whatever
       authentication failure it raises happens before any role lookup.
    2. The user record is re-fetched with ``utils.get_by_id`` and the role
       list is read from that record, not from ``req.context['user']``.
       Authorization therefore follows the stored roles at request time.

    Raises:
        falcon.HTTPForbidden: passed to ``fail_if_none`` for the case where
            the lookup yields nothing, and raised directly when ``role`` is
            not in the record's ``roles`` list. Both cases use the same
            title and description, so the response does not distinguish a
            missing account from a missing role.
    """
    # Authentication comes first; authorization is only meaningful afterwards.
    login_required(action, req, resp, handler, params, extra_params)

    user_id = req.context['user']['_id']
    stored_user = utils.get_by_id(handler.db, user_id)
    account = fail_if_none(
        stored_user,
        falcon.HTTPForbidden('Forbidden', 'Access denied'),
    )

    # A record without a 'roles' key is treated as holding no roles.
    granted_roles = account.get('roles', [])
    if role in granted_roles:
        return
    raise falcon.HTTPForbidden('Forbidden', 'Access denied')
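def login(self, req, resp):
    """Check a username/password pair and respond with a token.

    The JSON middleware is driven by hand around the handler body:
    ``process_resource`` before it and ``process_response`` after it.
    ``OPTIONS`` requests return immediately and any method other than
    ``POST`` is rejected.

    On success ``req.context['result']`` is set to ``{'token': ...}``, where
    the token comes from ``utils.token_encode`` over the user's ``_id`` (as a
    string), ``roles`` and ``username``.

    Security: an unknown username and a wrong password produce the same
    ``HTTPBadRequest`` title and description. Separate messages for the two
    cases would let an unauthenticated client learn which usernames exist.
    The exception type is unchanged, so existing handlers for
    ``falcon.HTTPBadRequest`` still apply.

    Raises:
        falcon.HTTPMethodNotAllowed: the method is neither POST nor OPTIONS.
        falcon.HTTPBadRequest: the username is unknown or the password does
            not verify.
    """
    json_io = JSON()
    json_io.process_resource(req, resp, True)

    if req.method == 'OPTIONS':
        return
    if req.method != 'POST':
        raise falcon.HTTPMethodNotAllowed(('POST', 'OPTIONS'))

    credentials = req.context['doc']
    self.user_validate.validate(credentials)

    # A single failure response shared by both rejection paths.
    auth_failure = ('Bad request', 'Invalid username or password')

    # NOTE(review): the unknown-user path returns before verify_password
    # runs, so response time may still differ between the two cases. Confirm
    # whether verify_password can be run against a fixed dummy hash here.
    user = fail_if_none(
        utils.get_by_username(self.app.db, credentials['username']),
        falcon.HTTPBadRequest(*auth_failure),
    )
    if not self.verify_password(credentials['password'], user.get('password')):
        raise falcon.HTTPBadRequest(*auth_failure)

    # NOTE(review): roles are copied into the token at login time. Consumers
    # that need current roles should re-read the user record rather than
    # trust this claim. Confirm token lifetime and revocation in
    # utils.token_encode.
    claims = {
        '_id': str(user['_id']),
        'roles': user.get('roles', []),
        'username': user['username'],
    }
    req.context['result'] = {'token': utils.token_encode(claims)}
    json_io.process_response(req, resp, True)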
def item_or_404(item):
    """Pass ``item`` through ``utils.fail_if_none`` with ``falcon.HTTPNotFound``.

    The exception class itself, not an instance, is handed to the helper.
    Presumably the helper raises it when ``item`` is ``None`` and otherwise
    returns ``item`` unchanged; confirm against ``utils.fail_if_none``.
    """
    not_found = falcon.HTTPNotFound
    checked = utils.fail_if_none(item, not_found)
    return checked