# SPDX-FileCopyrightText: WTF Kooperative eG <https://wtf-eg.de/>
#
# SPDX-License-Identifier: AGPL-3.0-or-later

from flask import g, make_response, request
from functools import wraps

from ki.models import Token


def token_auth(func):
    @wraps(func)
    def _token_auth(*args, **kwargs):
        auth_header = request.headers.get("Authorization")

        if (auth_header is None):
            return make_response({}, 401)

        if not auth_header.startswith("Bearer"):
            return make_response({}, 401)

        token = Token.query.filter(Token.token == auth_header[7:]).first()

        if token is None:
            return make_response({}, 403)

        g.user = token.user

        return func(*args, **kwargs)

    return _token_auth