Home/ Questions/Q 7984409
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T11:15:38+00:00

I’m working on a decorator that validates an api token, my first being to

  • 0

I’m working on a decorator that validates an api token, my first being to get the decorator in some minimal working order:

def check_token(view_method):
    @wraps(view_method)
    def wrapped_view(*args, **kwargs):
        token = request.args['token']
        if token is None:
            abort(403)
        return view_method(*args, **kwargs)
    return wrapped_view

This sort of works, i.e. the view works if the token is provided, but if not gives a 400 Bad Request error. I want to send a 403 error, but am not aware enough to catch this yet.

What is wrong with this that it only return a 400 error? How do I improve this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    request.args is a MultiDict and it raises if a key is requested which is not there in dict. Here request.args['token'] raises before it reaches to abort(403). Few solutions are:

    ## If a 2nd optional argument is provided to dict.get then
## it does not raise if key is not found. Instead returns
## the 2nd argument passed as default.

token = request.args.get('token', None)
    if not token:
        ## Error handling

    Or:

    if 'token' not in request.args or not request.args['token']
    ## Error handling
    • 0