From 34182fdc23b1af0fb515ee48cebfcd857f479592 Mon Sep 17 00:00:00 2001
From: Sorrel Bri <sorrel@SBJ-comp.local>
Date: Tue, 8 Oct 2019 18:03:46 -0700
Subject: [PATCH] stub jwt_required decorator to protect routes

---
 api/decorators.py      | 13 +++++++++++++
 api/users/api_users.py |  3 +++
 2 files changed, 16 insertions(+)
 create mode 100644 api/decorators.py

diff --git a/api/decorators.py b/api/decorators.py
new file mode 100644
index 0000000..a34620f
--- /dev/null
+++ b/api/decorators.py
@@ -0,0 +1,13 @@
+from flask import Blueprint, request, jsonify, session
+
+def jwt_required():
+    def decorator(func):
+        def authorized(*args, **kwargs):
+            auth_header = request.headers.get('Authorization') or None
+            if auth_header:
+                # check secret on auth header
+                return func(*args, **kwargs)
+            else:
+                abort(401)
+        return authorized
+    return decorator
\ No newline at end of file
diff --git a/api/users/api_users.py b/api/users/api_users.py
index e6d4183..d4f3f17 100644
--- a/api/users/api_users.py
+++ b/api/users/api_users.py
@@ -1,5 +1,6 @@
 from models.User import User, user_schema, users_schema
 from flask import Blueprint, request, json, session, jsonify
+from ..decorators import jwt_required
 
 api_users = Blueprint('api_users', __name__, url_prefix='/api')
 
@@ -10,7 +11,9 @@ def api_get_users():
     response = users_schema.dumps(users)
     return jsonify(response)
 
+
 @api_users.route('/users/account', methods=['GET'])
+@jwt_required()
 def api_get_user():
     print('called')
     auth_header = request.headers.get('Authorization') or None