26 lines
734 B
Python
26 lines
734 B
Python
from fastapi import HTTPException
|
|
|
|
from ..util import permutil
|
|
|
|
|
|
async def verify(auth: str | None, perm: list[str], match=permutil.has_all):
|
|
"""Validate session token and optional list of required permissions.
|
|
|
|
Returns the session context.
|
|
|
|
Raises HTTPException on failure:
|
|
401: unauthenticated / invalid session
|
|
403: required permissions missing
|
|
"""
|
|
if not auth:
|
|
raise HTTPException(status_code=401, detail="Authentication required")
|
|
|
|
ctx = await permutil.session_context(auth)
|
|
if not ctx:
|
|
raise HTTPException(status_code=401, detail="Session not found")
|
|
|
|
if not match(ctx, perm):
|
|
raise HTTPException(status_code=403, detail="Permission required")
|
|
|
|
return ctx
|