def index(self):
user = request.cookies.get("user-id")
session = request.cookies.get("session-id")
if not session_is_valid(session, user):
return redirect("http://localhost:8080/#/login")
if can_access_admin(session, user):
return super(MyAdminIndexView, self).index()
return redirect("http://localhost:8080/#/")
def get(self):
account_id = request.headers.get("account_id")
session_id = request.headers.get("session_id")
access_results = {"isHairdresser": False, "isAdmin": False}
if not is_customer(account_id):
access_results["isHairdresser"] = True
if can_access_admin(session_id, account_id):
access_results["isAdmin"] = True
return make_response(access_results, 200)
def is_accessible(self):
return can_access_admin(request.cookies.get("session-id"),
request.cookies.get("user-id"))