You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@role_required(*role_names) is a Python decorator that will check the user roles to ensure s·he has the right to access a given resource.
If the user doesn't have the required roles or is anonymous, it will be either redirected to "/", either given a JSON response with a 401 status @auth.login_required is also used.
Examples:
@app_bp.route('/users')@role_required('admin')defusers():
""" I can neither be accessed by a student nor a teacher """returnrender_template('admin/users.html')
@app_api.route('/user/<user_id>/grades')@auth.login_required@role_required('teacher')defapi_check_student_grades(user_id):
""" I cannot be accessed by a student As every admin also has a teacher role, so it's ok. """return {"data": [10, 15]}