The auth_basic() decorator doesn't use functools.wraps(). #586

GrahamDumpleton · 2014-02-12T00:25:22Z

The implementation is:

def auth_basic(check, realm="private", text="Access denied"):
    ''' Callback decorator to require HTTP auth (basic).
        TODO: Add route(check_auth=...) parameter. '''
    def decorator(func):
        def wrapper(*a, **ka):
            user, password = request.auth or (None, None)
            if user is None or not check(user, password):
                err = HTTPError(401, text)
                err.add_header('WWW-Authenticate', 'Basic realm="%s"' % realm)
                return err
            return func(*a, **ka)
        return wrapper
    return decorator

It doesn't use functools.wraps() on the nested wrapper function, which will stuff up name introspection for any functions which the decorator is applied to.

We have seen this affecting data reported by customers applications into New Relic. We are going to change our instrumentation to fix up the bottle code if we see it is wrong, but you should look at fixing it all the same.

The text was updated successfully, but these errors were encountered:

Fix for Issue #586

alicegoldfuss added a commit to alicegoldfuss/bottle that referenced this issue Feb 12, 2014

Fix for Issue bottlepy#586

9889a7c

alicegoldfuss mentioned this issue Feb 12, 2014

Fix for Issue #586 #587

Merged

defnull added a commit that referenced this issue Feb 12, 2014

Merge pull request #587 from alicegoldfuss/issue_586

4429b7f

Fix for Issue #586

GrahamDumpleton closed this as completed Feb 13, 2014

defnull pushed a commit that referenced this issue Jul 7, 2021

Fix for Issue #586

e1be22d

The auth_basic() decorator doesn't use functools.wraps(). #586

The auth_basic() decorator doesn't use functools.wraps(). #586

Comments

GrahamDumpleton commented Feb 12, 2014