Skip to content

Commit

Permalink
Защита ручки GET /file/{pin} (#86)
Browse files Browse the repository at this point in the history
## Изменения
добавил авторизацию ручки GET /file/{pin}
  • Loading branch information
gitfresnel authored Oct 23, 2024
1 parent a818a52 commit 909ca5a
Showing 1 changed file with 14 additions and 3 deletions.
17 changes: 14 additions & 3 deletions print_service/routes/file.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@

import aiofiles
import aiofiles.os
from auth_lib.fastapi import UnionAuth
from fastapi import APIRouter, File, UploadFile
from fastapi.exceptions import HTTPException
from fastapi.params import Depends
Expand Down Expand Up @@ -159,7 +160,10 @@ async def send(inp: SendInput, settings: Settings = Depends(get_settings)):
response_model=SendOutput,
)
async def upload_file(
pin: str, file: UploadFile = File(...), settings: Settings = Depends(get_settings)
pin: str,
file: UploadFile = File(...),
settings: Settings = Depends(get_settings),
_=Depends(UnionAuth(scopes=["print.file.create"], allow_none=False, auto_error=True)),
):
"""Загрузить файл на сервер.
Expand Down Expand Up @@ -229,7 +233,10 @@ async def upload_file(
response_model=SendOutput,
)
async def update_file_options(
pin: str, inp: SendInputUpdate, settings: Settings = Depends(get_settings)
pin: str,
inp: SendInputUpdate,
settings: Settings = Depends(get_settings),
_=Depends(UnionAuth(scopes=["print.file.update"], allow_none=False, auto_error=True)),
):
"""Обновляет настройки печати.
Expand Down Expand Up @@ -275,7 +282,11 @@ async def update_file_options(
},
response_model=ReceiveOutput,
)
async def print_file(pin: str, settings: Settings = Depends(get_settings)):
async def print_file(
pin: str,
settings: Settings = Depends(get_settings),
_=Depends(UnionAuth(scopes=["print.file.get"], allow_none=False, auto_error=True)),
):
"""Получить файл для печати.
Требует пин-код, полученный в методе POST `/file`. Файл можно скачать
Expand Down

0 comments on commit 909ca5a

Please sign in to comment.