search

lepture / authlib

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
https://authlib.org/
BSD 3-Clause "New" or "Revised" License
4.45k stars 445 forks source link

Allow the instance of ResourceProtector to be a decorator without an unnecessary call if we don't have any 'call' attribute, solution provided. #604

Open danilovmy opened 8 months ago

danilovmy commented 8 months ago

for example on this page of documentation we can see:

@app.route('/user')
@require_oauth()
def user_profile():
    user = current_token.user
    return jsonify(user)

# or with None

@app.route('/user')
@require_oauth(None)
def user_profile():
    user = current_token.user
    return jsonify(user)

If we speak about transparency in coding, @require_oauth() is not an obvious practice. More often, you can encounter @require_oauth. Organizing the decorator for both cases — calling with and without attributes — is easy:

    def __call__(self, *args, **kwargs):
        if args and callable(args[0]):
            return super().__call__()(*args, **kwargs)
        return super().__call__(*args, **kwargs)