Middlewares

src.core.middlewares.rbac.role_required(*allowed_roles: str) → Callable

Enforce JWT auth and role-based access for a view.

Example:

@role_required("admin", "rrhh")
def view():
    pass

Parameters:

allowed_roles (str) – Roles allowed to access the decorated function.

Returns:

The decorated function.

Return type:

Callable

src.core.middlewares.user_required.user_required(source: str = 'jwt', key: str = 'user_id', field: str = 'id', attach_to: str = 'current_user', require_active_role: bool = False) → Callable

Decorator that ensures that the user exists in the database.

Basic use:
  • From JWT (default):

    @user_required() # read identity from the JWT and validate it

  • From route or query parameter:

    @user_required(source="param", key="user_id")

  • From the JSON body:

    @user_required(source="json", key="user_id")

Parameters:
  • source (str) – Origin of the user identifier. Values: "jwt" | "param" | "json".

  • key (str) – Name of the key that contains the identifier when source is "param" or "json".

  • field (str) – User model field to search by. Defaults to "id". Example: "email".

  • attach_to (str) – Name of the attribute in flask.g where the found user will be attached.

  • require_active_role (bool) – If True, also validates that the user’s role is active.

Returns:

Decorated function that continues if the user exists; otherwise it responds with an error.

Return type:

Callable
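
The documentation above describes an existence check, and with source="param" or source="json" the identifier is chosen by the caller. The following added example (not this project's code) is a standard-library sketch of a decorator with the same parameter shape that also compares the requested id with the JWT subject; `Ctx`, `USERS`, `resolve_user` and `act_on_others` are hypothetical names, and the user table is constructed.

```python
from dataclasses import dataclass, field
from functools import wraps
from types import SimpleNamespace

# Constructed user table; stands in for the database.
USERS = {1: {"id": 1, "role": "admin"}, 2: {"id": 2, "role": "employee"}}

@dataclass
class Ctx:  # hypothetical stand-in for the Flask request context
    jwt_sub: int                                  # subject of the verified JWT
    params: dict = field(default_factory=dict)    # route/query values (caller-chosen)
    json: dict = field(default_factory=dict)      # request body (caller-chosen)
    g: SimpleNamespace = field(default_factory=SimpleNamespace)

def resolve_user(source="jwt", key="user_id", attach_to="current_user",
                 act_on_others=()):
    """Hypothetical analogue of user_required plus an ownership check."""
    def deco(view):
        @wraps(view)
        def wrapper(ctx, *args, **kwargs):
            caller = USERS.get(ctx.jwt_sub)
            if caller is None:
                return {"error": "unknown token subject"}, 401
            if source == "jwt":
                raw = ctx.jwt_sub
            elif source in ("param", "json"):
                raw = (ctx.params if source == "param" else ctx.json).get(key)
            else:
                raise ValueError(f"unknown source {source!r}")
            try:
                target_id = int(raw)
            except (TypeError, ValueError):
                return {"error": "bad identifier"}, 400
            # Authorize before the lookup so an unprivileged caller cannot use
            # 404 vs 403 to learn which ids exist.
            if target_id != caller["id"] and caller["role"] not in act_on_others:
                return {"error": "forbidden"}, 403
            target = USERS.get(target_id)
            if target is None:
                return {"error": "user not found"}, 404
            setattr(ctx.g, attach_to, target)
            return view(ctx, *args, **kwargs)
        return wrapper
    return deco

@resolve_user(source="param", key="user_id", act_on_others=("admin",))
def get_profile(ctx):
    return {"id": ctx.g.current_user["id"]}, 200
```
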