From 56bf30c72236527e92572263abc6f5daed6f5151 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= Date: Thu, 31 Mar 2016 11:10:01 +0200 Subject: [PATCH] Validate authentication token on every request. --- pillar/application/__init__.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pillar/application/__init__.py b/pillar/application/__init__.py index 5e7ac96a..d746d82f 100644 --- a/pillar/application/__init__.py +++ b/pillar/application/__init__.py @@ -153,15 +153,18 @@ from modules.projects import before_inserting_projects from modules.projects import after_inserting_projects +@app.before_request +def validate_token_at_every_request(): + validate_token() + + def before_returning_item_permissions(response): # Run validation process, since GET on nodes entry point is public - validate_token() check_permissions(response, 'GET', append_allowed_methods=True) def before_returning_resource_permissions(response): for item in response['_items']: - validate_token() check_permissions(item, 'GET', append_allowed_methods=True)