import os
from typing import Optional
import casbin
from fastapi import HTTPException, status, Request, Header
from Utils.Authentication.TokenUtil import decode_token
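# Casbin enforcer shared by every request handled in this process.
# Both files are resolved against the process working directory, so the
# service has to be started from the project root; started from anywhere
# else, the model and policy will not be found at these paths.
# os.path.join replaces the hard-coded "\" separators so the same paths
# also resolve on non-Windows hosts.
_ACCESS_CONTROL_DIR = os.path.join(os.getcwd(), "Utils", "AccessControl")
e = casbin.Enforcer(
    os.path.join(_ACCESS_CONTROL_DIR, "model.conf"),
    os.path.join(_ACCESS_CONTROL_DIR, "policy.csv"),
)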
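def access_interseptor(request: Request, token: Optional[str] = Header(...)):
    """Reject the request unless the Casbin policy allows it.

    The subject is the "role" claim of the decoded token, the object is the
    request path relative to the application's base URL (query string
    removed), and the action is the HTTP method.

    Args:
        request: Incoming request; supplies the URL and the method.
        token: Value of the ``token`` request header. ``Header(...)`` marks
            the header as required.

    Raises:
        HTTPException: 401 with detail "No Access" when the enforcer denies
            the (role, path, method) triple.
    """
    # NOTE(review): a token without a "role" claim passes None to the
    # enforcer; confirm that the model denies it.
    sub = decode_token(token).get("role")

    # Strip the base URL (without its trailing "/") from the front of the
    # full URL to get the path. maxsplit=1 keeps everything after the FIRST
    # occurrence: taking the last piece of an unbounded split would let the
    # checked object differ from the routed path whenever the base URL text
    # appears again later in the URL.
    base = str(request.base_url)[:-1]
    remainder = str(request.url).split(base, 1)[-1]
    obj = remainder.split("?")[0]

    act = request.method

    if not e.enforce(sub, obj, act):
        # NOTE(review): 403 is the conventional status for an authenticated
        # caller who lacks permission; 401 is kept so existing clients see
        # the same response.
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="No Access",
            headers={"WWW-Authenticate": "Bearer"},
        )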