Patched /tmp/tmpzv8suerc/sqli/utils/auth.py

patched-codes · Oct 18, 2024 · 9d3ad7a · 9d3ad7a
1 parent 96f7b04
commit 9d3ad7a
Showing 1 changed file with 23 additions and 2 deletions.
diff --git a/sqli/utils/auth.py b/sqli/utils/auth.py
@@ -10,7 +10,18 @@
 
 
 def authorize(ensure_admin=False):
-    def __decorator__(handler):
+    """Decorator function for authorization of HTTP requests.
+    
+    Args:
+        ensure_admin (bool, optional): If True, requires the user to be an admin. Defaults to False.
+    
+    Returns:
+        Callable: A decorator function that wraps the handler function.
+    
+    Raises:
+        HTTPUnauthorized: If the user is not authenticated.
+        HTTPForbidden: If ensure_admin is True and the user is not an admin.
+    """    def __decorator__(handler):
         @wraps(handler)
         async def __wrapper__(request: Request):
             user = await get_auth_user(request)
@@ -24,7 +35,17 @@ async def __wrapper__(request: Request):
 
 
 async def get_auth_user(request: Request) -> Optional[User]:
-    app: Application = request.app
+    """Retrieve the authenticated user based on the session information.
+    
+    Args:
+        request (Request): The incoming HTTP request object containing session data.
+    
+    Returns:
+        Optional[User]: The authenticated User object if found, or None if not found.
+    
+    Raises:
+        DatabaseError: If there's an issue with the database connection or query.
+    """    app: Application = request.app
     session = await get_session(request)
     user_id = session.get('user_id')
     async with app['db'].acquire() as conn: