jhtimmins commented on issue #8111:
URL: https://github.com/apache/airflow/issues/8111#issuecomment-655985434
@mik-laj Ok, I have a rough decision, if you could let me know your
thoughts. Ultimately, only `settings.py` needs to be visible to the user if
they're using a pre-existing auth function. If they want to add a custom
function, they can create a new file and reference it from `settings.py`.
## End result
- `login_required` decorator.
```python
@app.route('/')
@decorators.login_required
def hello_world():
return 'Hello, World!'
```
## Auth.py
- Defines various authentication functions.
```python
from flask import request
def basic_auth():
return request.authorization.username == "james" and
request.authorization.password == "pw"
```
## Settings.py
- Allows a user to specify the preferred auth function.
- _Currently_ also includes the code that imports the function strings. In
reality, this would be a separate step/file.
```python
import auth
authentication_module = "auth"
authentication_function = "basic_auth"
authenticator = getattr(auth, authentication_function)
```
## Decorators.py
- Defines `login_required` decorator that applies auth function to API view
function
```python
from flask import g, request, Response
from settings import authenticator
def login_required(wrapped):
def wrapper(*args, **kwargs):
if authenticator():
return wrapped(*args, **kwargs)
return Response("Forbidden", 403)
return wrapper
```
Thanks so much!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
