dashboard/helpers/auth_guard.py

from functools import wraps

from flask import jsonify
from areas.roles.role_service import RoleService

from flask_jwt_extended import verify_jwt_in_request
from flask_jwt_extended import get_jwt

def admin_required():
    def wrapper(fn):
        @wraps(fn)
        def decorator(*args, **kwargs):
            verify_jwt_in_request()
            claims = get_jwt()
            userId = claims["user_id"]
            isAdmin = RoleService.is_user_admin(userId)
            if isAdmin:
                return fn(*args, **kwargs)
            else:
                return jsonify(msg="Admins only!"), 403

        return decorator

    return wrapper
add permission layer for admins for backend API 2022-06-08 21:41:59 +02:00			`from functools import wraps`

			`from flask import jsonify`
			`from areas.roles.role_service import RoleService`

			`from flask_jwt_extended import verify_jwt_in_request`
			`from flask_jwt_extended import get_jwt`

			`def admin_required():`
			`def wrapper(fn):`
			`@wraps(fn)`
			`def decorator(args, *kwargs):`
			`verify_jwt_in_request()`
			`claims = get_jwt()`
			`userId = claims["user_id"]`
			`isAdmin = RoleService.is_user_admin(userId)`
			`if isAdmin:`
			`return fn(args, *kwargs)`
			`else:`
			`return jsonify(msg="Admins only!"), 403`

			`return decorator`

			`return wrapper`