41 lines
1.2 KiB
Python
41 lines
1.2 KiB
Python
#api/__init__.py
|
|
import os
|
|
from functools import wraps
|
|
from flask import jsonify, session, Blueprint
|
|
from flask_limiter import Limiter
|
|
from flask_limiter.util import get_remote_address
|
|
|
|
import importlib
|
|
|
|
|
|
def require_auth(roles=[]):
|
|
def decorator(func):
|
|
@wraps(func)
|
|
def wrapper(*args, **kwargs):
|
|
user = session.get('user')
|
|
if not user:
|
|
return jsonify({"error": "Unauthorized"}), 401
|
|
if user.get('role') not in roles:
|
|
return jsonify({"error": "Forbidden, permission denied"}), 403
|
|
return func(*args, **kwargs)
|
|
return wrapper
|
|
return decorator
|
|
|
|
|
|
limiter = Limiter(
|
|
key_func=get_remote_address,
|
|
default_limits=["100 per minute"]
|
|
)
|
|
|
|
|
|
def register_blueprints(app):
|
|
current_dir = os.path.dirname(__file__)
|
|
for filename in os.listdir(current_dir):
|
|
if filename == "__init__.py" or not filename.endswith(".py"):
|
|
continue
|
|
module_name = filename[:-3]
|
|
module = importlib.import_module(f"api.{module_name}")
|
|
for attr in dir(module):
|
|
bp = getattr(module, attr)
|
|
if isinstance(bp, Blueprint):
|
|
app.register_blueprint(bp) |