Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add authentication to specific methods #56

Closed
GabrielGhe opened this issue Mar 13, 2020 · 4 comments
Closed

Add authentication to specific methods #56

GabrielGhe opened this issue Mar 13, 2020 · 4 comments

Comments

@GabrielGhe
Copy link

It would be nice to be able to require authentication for certain methods (POST/PUT/DELETE) and not others (GET/HEAD).

@thomaxxl
Copy link
Owner

Hi, this is possible by using a custom decorator.
There's an example here: https://github.com/thomaxxl/safrs/blob/master/examples/authentication/demo_auth.py

However I see there are a number of problems with this in the latest version. I'll make some changes to make things more clear.

@GabrielGhe
Copy link
Author

Thanks for replying. I meant that I'd like to add authentication to the POST/PUT/DELETE methods of the models (Not custom methods like in the example). Is there a way to do that?

@thomaxxl
Copy link
Owner

I should've been more clear: you can check the http method from within the decorator and perform authentication only for the methods you want, something like this:

from flask import request

def test_decorator(func):
    
    def api_wrapper(*args, **kwargs):
        print(request.method, func) 
        if request.method in ("POST","PATCH","DELETE"):
            if not authorized: # Pseudo code
                raise AuthError
        return func(*args, **kwargs)

    return result

The api_wrapper will be called before the rest of the api so you can perform authentication there.

Is this what you meant?

However, i see the swagger generation is broken, I'll have to fix this and prepare an example by tomorrow.

@thomaxxl
Copy link
Owner

Does this work for you?
https://github.com/thomaxxl/safrs/blob/master/examples/authentication/demo_post_auth.py

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants