66 lines
1.7 KiB
Python
66 lines
1.7 KiB
Python
"""
|
|
Authentication decorators for SneakyScanner.
|
|
|
|
Provides decorators for protecting web routes and API endpoints.
|
|
"""
|
|
|
|
from functools import wraps
|
|
from typing import Callable
|
|
|
|
from flask import jsonify, redirect, request, url_for
|
|
from flask_login import current_user
|
|
|
|
|
|
def login_required(f: Callable) -> Callable:
|
|
"""
|
|
Decorator for web routes that require authentication.
|
|
|
|
Redirects to login page if user is not authenticated.
|
|
This is a wrapper around Flask-Login's login_required that can be
|
|
customized if needed.
|
|
|
|
Args:
|
|
f: Function to decorate
|
|
|
|
Returns:
|
|
Decorated function
|
|
"""
|
|
@wraps(f)
|
|
def decorated_function(*args, **kwargs):
|
|
if not current_user.is_authenticated:
|
|
# Redirect to login page
|
|
return redirect(url_for('auth.login', next=request.url))
|
|
return f(*args, **kwargs)
|
|
return decorated_function
|
|
|
|
|
|
def api_auth_required(f: Callable) -> Callable:
|
|
"""
|
|
Decorator for API endpoints that require authentication.
|
|
|
|
Returns 401 JSON response if user is not authenticated.
|
|
Uses Flask-Login sessions (same as web UI).
|
|
|
|
Args:
|
|
f: Function to decorate
|
|
|
|
Returns:
|
|
Decorated function
|
|
|
|
Example:
|
|
@bp.route('/api/scans', methods=['POST'])
|
|
@api_auth_required
|
|
def trigger_scan():
|
|
# Protected endpoint
|
|
pass
|
|
"""
|
|
@wraps(f)
|
|
def decorated_function(*args, **kwargs):
|
|
if not current_user.is_authenticated:
|
|
return jsonify({
|
|
'error': 'Authentication required',
|
|
'message': 'Please authenticate to access this endpoint'
|
|
}), 401
|
|
return f(*args, **kwargs)
|
|
return decorated_function
|