Patched /tmp/tmpoo3czbih/sqli/utils/auth.py

patched-codes · Nov 7, 2024 · 71d53f9 · 71d53f9
1 parent a68d093
commit 71d53f9
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/sqli/utils/auth.py b/sqli/utils/auth.py
@@ -10,6 +10,18 @@
 
 
 def authorize(ensure_admin=False):
+    """Decorator function for authorizing requests and optionally ensuring admin privileges.
+    
+    Args:
+        ensure_admin (bool, optional): If True, requires the user to have admin privileges. Defaults to False.
+    
+    Returns:
+        Callable: A decorated function that performs authorization checks before executing the handler.
+    
+    Raises:
+        HTTPUnauthorized: If the user is not authenticated.
+        HTTPForbidden: If ensure_admin is True and the user is not an admin.
+    """
     def __decorator__(handler):
         @wraps(handler)
         async def __wrapper__(request: Request):
@@ -24,6 +36,14 @@ async def __wrapper__(request: Request):
 
 
 async def get_auth_user(request: Request) -> Optional[User]:
+    """Retrieves an authenticated user based on the session information in the request.
+    
+    Args:
+        request (Request): The incoming HTTP request object containing session data.
+    
+    Returns:
+        Optional[User]: The authenticated User object if found, or None if not found.
+    """
     app: Application = request.app
     session = await get_session(request)
     user_id = session.get('user_id')