OndrejIT · July 4, 2017 14:03
diff --git a/bottle_auth_wrapper.py b/bottle_auth_wrapper.py
 def auth_check(func=None, realm="private", text="Access denied"):
 	"""Wrapper na basic/token/IP autorizaci"""
 	@wraps(func)
 	def wrapper(*args, **kwargs):
 		# FIXME otestovat o proti nginx a caddy
 		remote_ip = IP(request.get_header("X-Real-IP", request.remote_addr))
 		local_ip = IPSet([IP("10.0.0.0/8"), IP("172.16.0.0/12"), IP("192.168.0.0/16")])
 		if remote_ip in local_ip:
 			return func(*args, **kwargs)

 		if "token" in request.GET:
 			try:
 				jwt.decode(request.GET["token"], os.environ["JWT_SECRET"], algorithms=["HS256"])
 			except:
 				err = HTTPError(401, text)
 				return err
 		else:
 			user, password = request.auth or (None, None)
 			if not user == os.environ["API_USER"] or not password == os.environ["API_PASSWORD"]:
 				err = HTTPError(401, text)
 				err.add_header('WWW-Authenticate', 'Basic realm="%s"' % realm)
 				return err

 		return func(*args, **kwargs)

 	return wrapper
	def auth_check(func=None, realm="private", text="Access denied"):
	"""Wrapper na basic/token/IP autorizaci"""
	@wraps(func)
	def wrapper(args, *kwargs):
	# FIXME otestovat o proti nginx a caddy
	remote_ip = IP(request.get_header("X-Real-IP", request.remote_addr))
	local_ip = IPSet([IP("10.0.0.0/8"), IP("172.16.0.0/12"), IP("192.168.0.0/16")])
	if remote_ip in local_ip:
	return func(args, *kwargs)

	if "token" in request.GET:
	try:
	jwt.decode(request.GET["token"], os.environ["JWT_SECRET"], algorithms=["HS256"])
	except:
	err = HTTPError(401, text)
	return err
	else:
	user, password = request.auth or (None, None)
	if not user == os.environ["API_USER"] or not password == os.environ["API_PASSWORD"]:
	err = HTTPError(401, text)
	err.add_header('WWW-Authenticate', 'Basic realm="%s"' % realm)
	return err

	return func(args, *kwargs)

	return wrapper