gander/web_server/blueprints/middleware.py

"""Authentication middleware and error handler registration."""

import logging
from functools import wraps
from os import getenv

from flask import redirect, g, session
from dotenv import load_dotenv
from database.database import Database

load_dotenv()

def logged_in_user():
    """
    Validator to make sure a user is logged in.
    """
    db = Database()
    db.create_connection()

    g.user = session.get("username", None)
    g.admin = db.fetchone("""SELECT is_admin FROM users
                            WHERE username = ?;""",
                            (session.get("username"),)
                        )
    db.close_connection()

def login_required(view):
    """
    Add at start of routes where users need to be logged in to access.
    """
    @wraps(view)
    def wrapped_view(*args, **kwargs):
        if g.user is None:
            return redirect(getenv("HOMEPAGE_URL"))
        return view(*args, **kwargs)
    return wrapped_view

def admin_required(view):
    """
    Add at start of routes where admins need to be logged in to access.
    """
    @wraps(view)
    def wrapped_view(*args, **kwargs):
        if g.admin == 0:
            return redirect(getenv("HOMEPAGE_URL"))
        return view(*args, **kwargs)
    return wrapped_view

def register_error_handlers(app):
    """
    Default reponses to status codes
    """
    error_responses = {
        400: "Bad Request",
        403: "Forbidden",
        404: "Not Found",
        500: "Internal Server Error"
    }

    for code, message in error_responses.items():
        @app.errorhandler(code)
        def handle_error(error, message=message, code=code):
            logging.error("Error %d: %s", code, str(error))
            return {"error": message}, code