diff options
author | Kali Kaneko (leap communications) <kali@leap.se> | 2016-03-04 00:49:17 -0400 |
---|---|---|
committer | Kali Kaneko (leap communications) <kali@leap.se> | 2016-03-04 00:49:17 -0400 |
commit | 78a43c5bc733fbb27f38b06d10e792283abcdb93 (patch) | |
tree | 2d4f92fac54c76413121654b5ce518c7e6dcd960 /src/leap/bonafide/session.py | |
parent | 7422ca85177f11d8b74b28c58786aebf2ffe801b (diff) |
move decorator to session
Diffstat (limited to 'src/leap/bonafide/session.py')
-rw-r--r-- | src/leap/bonafide/session.py | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/src/leap/bonafide/session.py b/src/leap/bonafide/session.py index 7c40d28..547f0dd 100644 --- a/src/leap/bonafide/session.py +++ b/src/leap/bonafide/session.py @@ -22,12 +22,25 @@ from twisted.python import log from leap.bonafide import _srp from leap.bonafide import provider -from leap.bonafide._decorators import auth_required from leap.bonafide._http import httpRequest, cookieAgentFactory OK = 'ok' +def _auth_required(func): + """ + Decorate a method so that it will not be called if the instance + attribute `is_authenticated` does not evaluate to True. + """ + def decorated(*args, **kwargs): + instance = args[0] + allowed = getattr(instance, 'is_authenticated') + if not allowed: + raise RuntimeError('This method requires authentication') + return func(*args, **kwargs) + return decorated + + class Session(object): def __init__(self, credentials, api, provider_cert): @@ -101,7 +114,7 @@ class Session(object): self._token = token defer.returnValue(OK) - @auth_required + @_auth_required @defer.inlineCallbacks def logout(self): uri = self._api.get_logout_uri() @@ -121,7 +134,7 @@ class Session(object): met = self._api.get_vpn_cert_method() return self._request(self._agent, uri, method=met) - @auth_required + @_auth_required def get_smtp_cert(self): # TODO pass it to the provider object so that it can save it in the # right path. @@ -152,8 +165,9 @@ class Session(object): self.password = password defer.returnValue((OK, registered_user)) - @auth_required + @_auth_required def update_user_record(self): + # FIXME to be implemented pass # Authentication-protected configuration |