Enforce authentication on every endpoint within an web application. Note: Any endpoint handler can opt-out of authentication using the @authentication_exempt decorator.
(auth_svc)
| 53 | |
| 54 | |
| 55 | def authentication_required_middleware_factory(auth_svc): |
| 56 | """Enforce authentication on every endpoint within an web application. |
| 57 | |
| 58 | Note: |
| 59 | Any endpoint handler can opt-out of authentication using the |
| 60 | @authentication_exempt decorator. |
| 61 | """ |
| 62 | @web.middleware |
| 63 | async def authentication_required_middleware(request, handler): |
| 64 | if is_handler_authentication_exempt(handler): |
| 65 | return await handler(request) |
| 66 | if not await auth_svc.is_request_authenticated(request): |
| 67 | raise web.HTTPUnauthorized() |
| 68 | return await handler(request) |
| 69 | return authentication_required_middleware |
| 70 | |
| 71 | |
| 72 | @web.middleware |
no outgoing calls