from app.models.user import ClientUser
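def require_admin(f):
    """Restrict a Flask view to authenticated users whose role is ``admin``.

    The wrapped view runs only after a ``Bearer`` JWT from the
    ``Authorization`` header has been verified with
    ``current_app.config["JWT_SECRET_KEY"]`` (HS256 only), its ``sub``
    claim resolved via ``ClientUser.query.get`` and that user's ``role``
    found to be ``"admin"``. On success ``g.current_user_id`` and
    ``g.current_user`` are set before the view is called.

    Responses:
        401 when the header is missing or not a Bearer scheme, the token
            is invalid or expired, or it carries no ``sub`` claim.
        403 when the token is valid but the user is unknown or not an admin.
    """

    @wraps(f)
    def decorated(*args, **kwargs):
        auth_header = request.headers.get("Authorization", "")
        if not auth_header.startswith("Bearer "):
            return jsonify({"error": "Não autorizado."}), 401

        token = auth_header[7:]  # strip the "Bearer " prefix
        # Only the decode is guarded: a jwt.InvalidTokenError raised later
        # by the view itself must surface as the view's own error instead of
        # being masked as an authentication failure here.
        try:
            payload = jwt.decode(
                token,
                current_app.config["JWT_SECRET_KEY"],
                algorithms=["HS256"],  # pinned so the token cannot pick the algorithm
            )
        except jwt.InvalidTokenError:  # ExpiredSignatureError is a subclass
            return jsonify({"error": "Não autorizado."}), 401
        # NOTE(review): "exp" is verified only when present; if the issuer
        # does not always set it, tokens never expire — confirm, or require
        # it via options={"require": ["exp", "sub"]}.

        user_id = payload.get("sub")
        if not user_id:
            return jsonify({"error": "Não autorizado."}), 401

        user = ClientUser.query.get(user_id)
        if not user or user.role != "admin":
            return jsonify({"error": "Acesso restrito a administradores."}), 403

        g.current_user_id = user_id
        g.current_user = user
        return f(*args, **kwargs)

    return decorated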
import jwt
from functools import wraps
from flask import request, g, current_app, jsonify
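def require_auth(f):
    """Require a valid ``Bearer`` JWT before running a Flask view.

    The token from the ``Authorization`` header is verified with
    ``current_app.config["JWT_SECRET_KEY"]`` (HS256 only); its ``sub``
    claim is stored as ``g.current_user_id`` and the view is then called.
    No database lookup is performed, so the subject is not checked for
    existence here.

    Responses:
        401 when the header is missing or not a Bearer scheme, the token
            is invalid or expired, or it carries no ``sub`` claim.
    """

    @wraps(f)
    def decorated(*args, **kwargs):
        auth_header = request.headers.get("Authorization", "")
        if not auth_header.startswith("Bearer "):
            return jsonify({"error": "Não autorizado."}), 401

        token = auth_header[7:]  # strip the "Bearer " prefix
        # Only the decode is guarded: a jwt.InvalidTokenError raised later
        # by the view itself must surface as the view's own error instead of
        # being masked as an authentication failure here.
        try:
            payload = jwt.decode(
                token,
                current_app.config["JWT_SECRET_KEY"],
                algorithms=["HS256"],  # pinned so the token cannot pick the algorithm
            )
        except jwt.InvalidTokenError:  # ExpiredSignatureError is a subclass
            return jsonify({"error": "Não autorizado."}), 401
        # NOTE(review): "exp" is verified only when present; if the issuer
        # does not always set it, tokens never expire — confirm, or require
        # it via options={"require": ["exp", "sub"]}.

        user_id = payload.get("sub")
        if not user_id:
            return jsonify({"error": "Não autorizado."}), 401

        g.current_user_id = user_id
        return f(*args, **kwargs)

    return decorated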