aiohttp-security/examples/db_auth.py

24 lines
700 B
Python
Raw Normal View History

2015-07-08 17:30:24 +00:00
import asyncio
from aiohttp_security.authorization import AbstractAuthorizationPolicy
2015-11-21 06:45:08 +00:00
class DBAuthorizationPolicy(AbstractAuthorizationPolicy):
def __init__(self, db_pool):
self.db_pool = db_pool
2015-07-08 17:30:24 +00:00
@asyncio.coroutine
def permits(self, identity, permission, context=None):
record = self.data.get(identity)
if record is not None:
# TODO: implement actual permission checker
if permission in record:
return True
return False
@asyncio.coroutine
def authorized_user_id(self, identity):
2015-11-21 06:45:08 +00:00
with (yield from self.db_pool) as conn:
conn
2015-07-08 17:30:24 +00:00
return identity if identity in self.data else None