Enforce client authentication checks by default.
()
| 79 | |
@api_blueprint.before_request
def enforce_auth():
    """Check the endpoint's auth annotation before any view on this blueprint.

    Registered as a ``before_request`` hook, so it runs ahead of the view
    function. Every view must carry a ``required_auth_level`` attribute:

    * attribute missing -> ``Error`` is raised, so an unannotated endpoint
      fails closed instead of being served without a check;
    * attribute is ``None`` -> the endpoint is public and nothing is checked;
    * any other value -> the value is handed to ``session.is_auth_valid``.

    Returns:
        ``None`` to let request handling continue, or an
        ``(error response, 401)`` tuple when the session does not satisfy
        the required level.

    Raises:
        Error: The resolved view function has no ``required_auth_level``.
    """
    endpoint_name = flask.request.endpoint
    handler = flask.current_app.view_functions[endpoint_name]

    try:
        # The attribute is read from the exact object stored in
        # view_functions. NOTE(review): presumably a decorator sets it; a
        # wrapper applied on top that does not copy function attributes would
        # hide it and land in the except branch below - confirm decorator
        # order at the call sites.
        level = handler.required_auth_level
    except AttributeError as e:
        # Developer-facing guard: it exists to force an auth-related
        # annotation onto every endpoint and is not expected to fire outside
        # of development.
        raise Error(f'CODE ERROR: Missing auth annotation on '
                    f'{endpoint_name} endpoint') from e

    # Only an explicit None marks an endpoint as public, reachable by any
    # visitor, even one with an invalid session. Other falsy values still go
    # through the session check because the comparison is `is None`.
    if level is not None and not session.is_auth_valid(level):
        return json_response.error(NotAuthenticatedError('Not authorized')), 401

    return None
| 104 | |
| 105 | |
| 106 | @api_blueprint.route('/user', methods=['POST']) |
nothing calls this directly
no test coverage detected