def decorated(*args, **kwargs): campus_id = kwargs.get('campus_id', None) if campus_id: try: request.campus = Campus.objects(id=campus_id).get() except Campus.DoesNotExist: return abort(404) # check access token access_token = None auth_header = request.headers.get('Authorization') if auth_header and auth_header.startswith('Bearer '): access_token = auth_header[7:] elif request.args.get('access_token'): access_token = request.args.get('access_token') request.access_token = None if access_token: try: request.access_token = OAuth2AccessToken.objects(access_token=access_token).get() except OAuth2AccessToken.DoesNotExist: pass if not request.access_token: return jsonify({ 'error': { 'code': 'token_not_exist' } }), 403 result = f(*args, **kwargs) callback = request.args.get('callback', None) if callback: return app.response_class(callback + '(' + result.data.decode('utf8') + ')', mimetype='application/javascript') return result