Route Permissions

Guide on how to use route permissions to restrict access to certain endpoints.

In your web API, you can use route permissions to restrict access to certain endpoints based on the user's authentication status or other criteria. This is done by specifying a list of permissions as an argument to the route decorator.

Example

Below is an example of how BlazingAPI restricts access to the settings.ME_ENDPOINT endpoint using the IsAuthenticated permission.

from blazingapi.app import app
from blazingapi.auth.permissions import IsAuthenticated
from blazingapi.response import Response
from blazingapi.settings import settings

@app.get(settings.ME_ENDPOINT, permissions=[IsAuthenticated])
def me(request):
    return Response(body=request.user, status=200)

How to create a custom permission?

See the Create Custom Permissions guide for more information on how to create custom permissions.

Route Parameters

Validate Request Body

Route Permissions

Example

On this page