Check is the user is authenticated before checking if the user is authorized to access to the object.

author: Cédric Bonhomme <cedric@cedricbonhomme.org> 2016-04-19 12:50:17 +0200
committer: Cédric Bonhomme <cedric@cedricbonhomme.org> 2016-04-19 12:50:17 +0200
commit: 1b8b4e7786d5fd29ee528407590c88dffdd15714 (patch)
tree: f0220866cc8fcbc283082bef3bc63dea0000e775 /src/web/views/api/v3/common.py
parent: Test preprocessors with Flask-Restless. (diff)
download: newspipe-1b8b4e7786d5fd29ee528407590c88dffdd15714.tar.gz
newspipe-1b8b4e7786d5fd29ee528407590c88dffdd15714.tar.bz2
newspipe-1b8b4e7786d5fd29ee528407590c88dffdd15714.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/web/views/api/v3/common.py b/src/web/views/api/v3/common.py
index f5bd2dea..8831b8ba 100644
--- a/src/web/views/api/v3/common.py
+++ b/src/web/views/api/v3/common.py
@@ -1,10 +1,14 @@
 from flask.ext.login import current_user
+from flask.ext.restless import ProcessingException
 from web.controllers import ArticleController
 
 
 def is_authorized_to_modify(user, obj):
     return user.id == obj.user_id
 
+def auth_func(*args, **kw):
+    if not current_user.is_authenticated:
+        raise ProcessingException(description='Not authenticated!', code=401)
 
 def check_auth(instance_id=None, **kw):
     # Check if the user is authorized to modify the specified
author	Cédric Bonhomme <cedric@cedricbonhomme.org>	2016-04-19 12:50:17 +0200
committer	Cédric Bonhomme <cedric@cedricbonhomme.org>	2016-04-19 12:50:17 +0200
commit	1b8b4e7786d5fd29ee528407590c88dffdd15714 (patch)
tree	f0220866cc8fcbc283082bef3bc63dea0000e775 /src/web/views/api/v3/common.py
parent	Test preprocessors with Flask-Restless. (diff)
download	newspipe-1b8b4e7786d5fd29ee528407590c88dffdd15714.tar.gz newspipe-1b8b4e7786d5fd29ee528407590c88dffdd15714.tar.bz2 newspipe-1b8b4e7786d5fd29ee528407590c88dffdd15714.zip