Authorize feature: Add permission-based access control
Closes #42
Description
This pull request adds an authorization feature to the application, allowing for permission-based access control for our endpoints. We've defined a decorator, authorize(), that checks if a user has a cookie haski_state containing the necessary permissions to access a particular endpoint. If they do not, an Unauthorized error is raised.
Example usage:
from flask import Flask
from utils.auth.auth import authorize
from utils.auth.permissions import Permissions

app = Flask(__name__)

@app.route('/secure_endpoint')
@authorize([Permissions.READ])
def secure_endpoint(state):
    # Your secure endpoint logic goes here
    return 'Secure data'
Permissions are represented as a list of Permissions enum values.
Changes
Added the authorize decorator in utils/auth/auth.py
Added unit tests for the authorize decorator in _tests/unit/testauth.py
Testing
Unit tests have been added to ensure the authorize decorator works as expected. The tests mock the JWTKeyManagement methods and the flask request object. The decorator is tested with both authorized and unauthorized users.
Note
The authorize decorator requires a cookie. This feature will be implemented with https://github.com/HASKI-RAK/HASKI-Backend/pull/32
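The check described above, sketched as an added example that is not the HASKI-Backend code: the decorator trusts the permissions in haski_state only after the token's signature verifies, and it rejects a missing, malformed or tampered cookie. The HS256 shared secret, the `permissions` claim name, the `READ` value and passing the cookies as a plain dict (in place of the Flask request object) are assumptions; the project's JWTKeyManagement is not shown on this page.

```python
import base64, hashlib, hmac, json
from enum import Enum
from functools import wraps

SECRET = b"constructed-demo-key"  # constructed; stands in for real key management

class Permissions(Enum):
    READ = "read"                 # assumed value; the page names only READ
class Unauthorized(Exception):
    """Raised when the cookie is absent, invalid or lacks a permission."""

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def _b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_state(claims):           # helper that issues a compact HS256 token
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def verify_state(token):
    """Return the claims only if the signature verifies; fail closed otherwise."""
    try:
        head, body, sig = token.split(".")   # None or wrong shape ends up below
        if json.loads(_b64d(head)).get("alg") != "HS256":  # pin the algorithm
            raise ValueError("unexpected alg")
        want = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, _b64d(sig)):      # constant-time compare
            raise ValueError("bad signature")
        return json.loads(_b64d(body))
    except Exception as exc:
        raise Unauthorized("invalid or missing haski_state") from exc

def authorize(required):
    def decorator(fn):
        @wraps(fn)
        def wrapper(cookies, *args, **kwargs):
            state = verify_state(cookies.get("haski_state"))
            # Every required permission must be present in the verified claims.
            if not {p.value for p in required} <= set(state.get("permissions", [])):
                raise Unauthorized("insufficient permissions")
            return fn(state, *args, **kwargs)
        return wrapper
    return decorator

@authorize([Permissions.READ])
def secure_endpoint(state):
    return "Secure data"
```
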