COUR4G3
commented
6 years ago I could do something like that, though I would probably return it as a keyword-argument rather, so rather so it's backwards compatible:
response = make_response(view_func(*args, username=username, **kwargs))
So then it will be available in your view:
@app.route('/secret') @gssapi.require_auth def secret_view(username=None): return render_template('secret.html')
Or if you already had arguments:
def secret_view(foo, bar, username=None): return render_template('secret.html')
I'm looking for a way to get the principal name returned or exposed in some way so that after authn occurs authz can occur. flask-kerberos has something like this where it returns the user as the first argument, see here: https://github.com/mkomitee/flask-kerberos/blob/master/flask_kerberos.py#L108 I'm unsure whether this is a good approach, it seems a bit fragile to me, but I don't understand wrappers all that well. Anyway, any suggestions? Something like this would be much appreciated, because short of the require_user part authn basically implies authz at this point.
Thanks though for the work, it is much appreciated.