Decorators

class keg_auth.libs.decorators.RequiresPermissions(condition, on_authentication_failure=None, on_authorization_failure=None, http_methods_excluded=None)

Require a user to be conditionally authorized before proceeding to decorated target. May be used as a class decorator or method decorator.

Usage: @requires_permissions(condition)

Note: if using along with a route decorator (e.g. Blueprint.route), requires_permissions
should be the closest decorator to the method

Examples: - @requires_permissions((‘token1’, ‘token2’)) - @requires_permissions(has_any(‘token1’, ‘token2’)) - @requires_permissions(has_all(‘token1’, ‘token2’)) - @requires_permissions(has_all(has_any(‘token1’, ‘token2’), ‘token3’)) - @requires_permissions(custom_authorization_callable that takes user arg) - @requires_permissions(‘token1’, on_authorization_failure=lambda: flask.abort(404))

class keg_auth.libs.decorators.RequiresUser(on_authentication_failure=None, http_methods_excluded=None)

Require a user to be authenticated before proceeding to decorated target. May be used as a class decorator or method decorator.

Usage: @requires_user

Note: if using along with a route decorator (e.g. Blueprint.route), requires_user
should be the closest decorator to the method

Examples: - @requires_user - @requires_user() - @requires_user(on_authentication_failure=lambda: flask.abort(400)) - @requires_user(http_methods_excluded=[‘OPTIONS’])

keg_auth.libs.decorators.requires_permissions

alias of keg_auth.libs.decorators.RequiresPermissions

keg_auth.libs.decorators.requires_user(arg=None, *args, **kwargs)

Require a user to be authenticated before proceeding to decorated target. May be used as a class decorator or method decorator.

Usage: @requires_user OR @requires_user() (both usage forms are identical)

Parameters:
on_authentication_failure: method called on authentication failures. If one is not
specified, behavior is derived from login manager (redirect or 401)
on_authorization_failure: method called on authorization failures. If one is not
specified, response will be 403