Optimize auth method

1 files changed, 3 insertions, 9 deletions

diff --git a/indoteknik_api/controllers/api_v1/cart.py b/indoteknik_api/controllers/api_v1/cart.py
index 6c540330..a8628432 100644
--- a/indoteknik_api/controllers/api_v1/cart.py
+++ b/indoteknik_api/controllers/api_v1/cart.py
@@ -7,10 +7,8 @@ class Cart(controller.Controller):
     prefix = '/api/v1/'
     
     @http.route(prefix + 'cart', auth='public', methods=['GET'])
+    @controller.Controller.must_authorized()
     def get_cart_by_user_id(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        
         user_id = int(kw.get('user_id', 0))
         limit = int(kw.get('limit', 0))
         offset = int(kw.get('offset', 0))
@@ -28,10 +26,8 @@ class Cart(controller.Controller):
         return self.response(data)
     
     @http.route(prefix + 'cart/create-or-update', auth='public', methods=['POST'], csrf=False)
+    @controller.Controller.must_authorized()
     def create_or_update_cart(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        
         user_id = int(kw.get('user_id', 0))
         product_id = int(kw.get('product_id', 0))
         qty = int(kw.get('qty', 0))
@@ -55,10 +51,8 @@ class Cart(controller.Controller):
         return self.response(result)
     
     @http.route(prefix + 'cart', auth='public', methods=['DELETE'], csrf=False)
+    @controller.Controller.must_authorized()
     def delete_cart_by_user_id(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        
         user_id = int(kw.get('user_id', 0))
         query = [('user_id', '=', user_id)]
         product_ids = kw.get('product_ids')