def decorated(*args, **kwargs): jwt = _decode_jwt_from_headers() if not (jwt == None): return f(*args, **kwargs) else: print("Unauthorized address trying to use API: " + request.remote_addr) abort(401)
def decorated(*args, **kwargs): provided = request.args.get('token') # noinspection PyProtectedMember if token is not None and provided == token: return f(*args, **kwargs) elif (app.config.get('JWT_ALGORITHM') is not None and view_decorators._decode_jwt_from_headers()): return f(*args, **kwargs) elif token is None and app.config.get('JWT_ALGORITHM') is None: # authentication is disabled return f(*args, **kwargs) abort(401)
def sufficient_scope(*args, **kwargs): jwt_data = view_decorators._decode_jwt_from_headers() role = jwt_data.get("role", None) username = jwt_data.get("username", None) if role == "admin": return True elif role == "user": sender_id = sender_id_from_args(f, args, kwargs) return sender_id is not None and username == sender_id else: return False
def wrapper(*args, **kwargs): is_auth_enabled = ( current_app.config['AUTHENTICATION_ENABLED'] or current_app.config['AUTHENTICATION_DEMO_ENABLED']) if is_auth_enabled and current_app.config['AUTH_JWT_ENABLED']: # verify access token jwt_data = _decode_jwt_from_headers() ctx_stack.top.jwt = jwt_data # before executing func, check authenticated user's roles _verify_roles(jwt_data['sub'], roles) # and finally get func result return func(*args, **kwargs)
def decorated(*args, **kwargs): config = Config() jwt = _decode_jwt_from_headers() if jwt == None: print("Unauthorized address trying to use API: " + request.remote_addr) abort(401) if config.data['jwt_access_group'] in jwt[config.data['jwt_group']]: return f(*args, **kwargs) print("Unauthorized address trying to use API: " + request.remote_addr) abort(401)
def decorated(*args, **kwargs): config = Config() if config.data['apiSecret'] == request.headers.get('x-api-key'): return f(*args, **kwargs) else: jwt = _decode_jwt_from_headers() if not (jwt == None): return f(*args, **kwargs) else: print("Unauthorized address trying to use API: " + request.remote_addr) abort(401)