23 lines
760 B
Python
23 lines
760 B
Python
from functools import wraps
|
|
|
|
from flask import (current_app, redirect, render_template, request, session,
|
|
url_for)
|
|
|
|
|
|
def check_auth(func):
|
|
@wraps(func)
|
|
def wrapper(*args, **kwargs):
|
|
if "login" not in session:
|
|
return redirect(url_for("auth_bp.auth"))
|
|
user_role = session.get("role")
|
|
user_request = request.endpoint
|
|
print("request_endpoint=", user_request)
|
|
user_bp = user_request.split(".")[0]
|
|
access = current_app.config["db_access"]
|
|
if user_role in access and user_bp in access[user_role]:
|
|
return func(*args, **kwargs)
|
|
else:
|
|
return render_template("error.html", error_message="Недостаточно прав")
|
|
|
|
return wrapper
|