编写的CherryPy装饰授权 [英] Writing a CherryPy Decorator for Authorization

问题描述

我有一个CherryPy的应用和一些看法我要开始只允许特定用户查看他们，并发送其他任何人的授权所需的页面。

I have a cherrypy application and on some of the views I want to start only allowing certain users to view them, and sending anyone else to an authorization required page.

有没有一种方法，我可以用定制的装饰做到这一点？我认为这是最优雅的选择。

Is there a way I can do this with a custom decorator? I think that would be the most elegant option.

下面是什么，我想要做一个基本的例子：

Here's a basic example of what I want to do:

class MyApp:
    @authorization_required
    def view_page1(self,appID):
        ... do some stuff ...
        return html

def authorization_required(func):
    #what do I put here?

时，也可​​以称为一个装饰的AUTHORIZATION_REQUIRED函数接受像allow_group1，allow_group2参数？或者我需要为每个组单独的装饰？

Also can the authorization_required function when called as a decorator accept parameters like allow_group1, allow_group2? Or do I need a separate decorator for each group?

推荐答案

好吧，在这种情况下你的装饰会是这个样子：

Ok, in that case your decorator would look something like this:

# without any parameters
def authentication_required(f):
    @functools.wraps(f)
    def _authentication_required(*args, **kwargs):
        # Do you login stuff here
        return f(*args, **kwargs)
    return _authentication_required

# With parameters
def authentication_required(*allowed_groups):
    def _authentication_required(f):
        @functools.wraps(f)
        def __authentication_required(*args, **kwargs):
            # Do you login stuff here
            return f(*args, **kwargs)
        return __authentication_required
    return _authentication_required

这篇关于编写的CherryPy装饰授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！