added some basic authorisation header to whitelist some users

opencredo · Aug 18, 2015 · 72fe39e · 72fe39e
1 parent d62118e
commit 72fe39e
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/handlers/base.py b/handlers/base.py
@@ -116,6 +116,29 @@ def get(self):
             self.redirect(self.get_argument("next", "/"))
 
 
+def allowed():
+    def decorator(func):
+        def decorated(self, *args, **kwargs):
+            user = self.get_current_user()
+
+            # User is refused
+            if user is None:
+                raise Exception('Cannot proceed role check: user not found')
+
+            if user.decode("utf-8") not in self.settings['sFwhitelist']:
+                self.set_status(403)
+                return self.render('500.html',
+                                   code=403,
+                                   error="Not authorized")
+                # self.set_status(403, reason='Not authorized. Contact administrator.')
+                # self._transforms = []
+                # self.finish()
+                # return None
+
+            return func(self, *args, **kwargs)
+        return decorated
+    return decorator
+
 EXECUTOR = ThreadPoolExecutor(max_workers=100)
 
 def unblock(f):