Decorators
The following decorators are provided by Flask-Identity.
auth_required(*auth_methods)
Decorator that protects endpoints through multiple mechanisms.
Example:

    @app.route('/dashboard')
    @auth_required('token', 'session')
    def dashboard():
        return 'Dashboard'

Parameters
auth_methods – Specified mechanisms (token, session). If not specified, all currently available mechanisms will be tried.
Note that regardless of the order specified, they will be tried in the following order: token, session.
The first mechanism that succeeds is used, following that, depending on configuration.
On authentication failure, IdentityManager.unauthenticated() will be called.

login_required(view_function)
Ensure that the current user is logged in and authenticated before calling the actual view.
For example:

    @app.route('/post')
    @login_required
    def post():
        pass

Note
Per W3 guidelines for CORS preflight requests, HTTP OPTIONS requests are exempt from login checks.
Parameters
view_function (function) – The view function to decorate.

roles_accepted(*role_names)
This decorator ensures that the current user is logged in and has at least one of the specified roles (OR operation).
Example:

    @app.route('/edit_article')
    @roles_accepted('Writer', 'Editor')
    def edit_article():
        # User must be 'Writer' OR 'Editor'
        ...

Calls unauthenticated_view() when the user is not logged in or when the user is not active.
Calls unauthorized_view() when the user does not have the required roles.
Calls the decorated view otherwise.

roles_required(*role_names)
This decorator ensures that the current user is logged in and has all of the specified roles (AND operation).
Example:

    @app.route('/escape')
    @roles_required('Special', 'Agent')
    def escape_capture():
        # User must be 'Special' AND 'Agent'
        ...

Calls unauthenticated_view() when the user is not logged in or when the user is not active.
Calls unauthorized_view() when the user does not have the required roles.
Calls the decorated view otherwise.
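
The three outcomes documented for roles_accepted and roles_required, modelled as an added example that is not Flask-Identity's own code. The `User` class, `current_user`, `call_as` and the string return values are stand-ins assumed for illustration; the point is the order of checks (login and active state first, roles second) and the OR versus AND match.

```python
from functools import wraps

# Stand-in user object; Flask-Identity's real user model is not shown on this page.
class User:
    def __init__(self, roles=(), authenticated=True, active=True):
        self.roles = set(roles)
        self.authenticated = authenticated
        self.active = active

current_user = None  # hypothetical stand-in for the request-bound user

def _guard(role_names, match):
    """Build a decorator; `match` decides how held roles satisfy role_names."""
    wanted = set(role_names)
    def decorator(view):
        @wraps(view)  # keep the view's name so endpoint registration still works
        def wrapper(*args, **kwargs):
            user = current_user
            # Step 1: identity check comes first (not logged in OR not active).
            if user is None or not user.authenticated or not user.active:
                return "unauthenticated_view"
            # Step 2: only then are the roles compared.
            if not match(wanted, user.roles):
                return "unauthorized_view"
            return view(*args, **kwargs)
        return wrapper
    return decorator

def roles_accepted(*role_names):   # OR: at least one role held
    return _guard(role_names, lambda wanted, held: bool(wanted & held))

def roles_required(*role_names):   # AND: every role held
    return _guard(role_names, lambda wanted, held: wanted <= held)

@roles_accepted('Writer', 'Editor')
def edit_article():
    return 'edit_article'

@roles_required('Special', 'Agent')
def escape_capture():
    return 'escape_capture'

def call_as(user, view):
    """Run `view` with `user` as the current user (constructed test helper)."""
    global current_user
    current_user = user
    return view()
```

In this model an inactive user who holds every required role still gets the unauthenticated outcome, because the role comparison is never reached.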