LeoVasanko/passkey-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make default permissions use only : as separator.

Browse Source
This commit is contained in:
Leo Vasanko
2025-08-30 18:43:49 -06:00
parent 326a7664d3
commit d045e1c520
6 changed files with 17 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
passkey/fastapi/authz.py
View File

@@ -12,7 +12,7 @@ from ..globals import db
from ..util.tokens import session_key
async def verify(auth: str | None, perms: list[str] | None):
async def verify(auth: str | None, perm: list[str] | str | None):
"""Validate session token and optional list of required permissions.
Returns the Session object on success. Raises HTTPException on failure.
@@ -22,14 +22,16 @@ async def verify(auth: str | None, perms: list[str] | None):
if not auth:
raise HTTPException(status_code=401, detail="Authentication required")
session = await get_session(auth)
if perms:
if perm is not None:
if isinstance(perm, str):
perm = [perm]
ctx = await db.instance.get_session_context(session_key(auth))
if not ctx:
raise HTTPException(status_code=401, detail="Session not found")
available = set(ctx.role.permissions or []) | (
set(ctx.org.permissions or []) if ctx.org else set()
)
if any(p not in available for p in perms):
if any(p not in available for p in perm):
raise HTTPException(status_code=403, detail="Permission required")
return session