app.decorators

This module defines some useful decorators.

copyright

  1. 2017 European Spallation Source ERIC

license

BSD 2-Clause, see LICENSE for more details.

app.decorators.login_groups_accepted(*groups)[source]

Decorator which specifies that a user must have at least one of the specified groups.

This can be used for users logged in using a cookie (web UI) or JWT (API).

Example:

@bp.route('/models', methods=['POST'])
@login_groups_accepted('admin', 'inventory')
def create_model():
    return create()

The current user must be in either 'admin' or 'create' group
to access the /models route.

This checks that the user is logged in. There is no need to use the @login_required decorator.

Parameters

groups – accepted groups