-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add authentication to specific methods #56
Comments
Hi, this is possible by using a custom decorator. However I see there are a number of problems with this in the latest version. I'll make some changes to make things more clear. |
Thanks for replying. I meant that I'd like to add authentication to the POST/PUT/DELETE methods of the models (Not custom methods like in the example). Is there a way to do that? |
I should've been more clear: you can check the http method from within the decorator and perform authentication only for the methods you want, something like this: from flask import request
def test_decorator(func):
def api_wrapper(*args, **kwargs):
print(request.method, func)
if request.method in ("POST","PATCH","DELETE"):
if not authorized: # Pseudo code
raise AuthError
return func(*args, **kwargs)
return result The api_wrapper will be called before the rest of the api so you can perform authentication there. Is this what you meant? However, i see the swagger generation is broken, I'll have to fix this and prepare an example by tomorrow. |
Does this work for you? |
It would be nice to be able to require authentication for certain methods (POST/PUT/DELETE) and not others (GET/HEAD).
The text was updated successfully, but these errors were encountered: