move decorator to session

2 files changed, 18 insertions, 37 deletions

diff --git a/bonafide/src/leap/bonafide/_decorators.py b/bonafide/src/leap/bonafide/_decorators.py
deleted file mode 100644
index 6b437150..00000000
--- a/bonafide/src/leap/bonafide/_decorators.py
+++ /dev/null
@@ -1,33 +0,0 @@
-# -*- coding: utf-8 -*-
-# _decorators.py
-# Copyright (C) 2015 LEAP
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-"""
-Decorators used in bonafide.
-"""
-
-
-def auth_required(func):
-    """
-    Decorate a method so that it will not be called if the instance
-    attribute `is_authenticated` does not evaluate to True.
-    """
-    def decorated(*args, **kwargs):
-        instance = args[0]
-        allowed = getattr(instance, 'is_authenticated')
-        if not allowed:
-            raise RuntimeError('This method requires authentication')
-        return func(*args, **kwargs)
-    return decorated
diff --git a/bonafide/src/leap/bonafide/session.py b/bonafide/src/leap/bonafide/session.py
index 7c40d281..547f0ddb 100644
--- a/bonafide/src/leap/bonafide/session.py
+++ b/bonafide/src/leap/bonafide/session.py
@@ -22,12 +22,25 @@ from twisted.python import log
 
 from leap.bonafide import _srp
 from leap.bonafide import provider
-from leap.bonafide._decorators import auth_required
 from leap.bonafide._http import httpRequest, cookieAgentFactory
 
 OK = 'ok'
 
 
+def _auth_required(func):
+    """
+    Decorate a method so that it will not be called if the instance
+    attribute `is_authenticated` does not evaluate to True.
+    """
+    def decorated(*args, **kwargs):
+        instance = args[0]
+        allowed = getattr(instance, 'is_authenticated')
+        if not allowed:
+            raise RuntimeError('This method requires authentication')
+        return func(*args, **kwargs)
+    return decorated
+
+
 class Session(object):
 
     def __init__(self, credentials, api, provider_cert):
@@ -101,7 +114,7 @@ class Session(object):
         self._token = token
         defer.returnValue(OK)
 
-    @auth_required
+    @_auth_required
     @defer.inlineCallbacks
     def logout(self):
         uri = self._api.get_logout_uri()
@@ -121,7 +134,7 @@ class Session(object):
         met = self._api.get_vpn_cert_method()
         return self._request(self._agent, uri, method=met)
 
-    @auth_required
+    @_auth_required
     def get_smtp_cert(self):
         # TODO pass it to the provider object so that it can save it in the
         # right path.
@@ -152,8 +165,9 @@ class Session(object):
         self.password = password
         defer.returnValue((OK, registered_user))
 
-    @auth_required
+    @_auth_required
     def update_user_record(self):
+        # FIXME to be implemented
         pass
 
     # Authentication-protected configuration