summaryrefslogtreecommitdiff
path: root/indoteknik_api/controllers/api_v1/cart.py
diff options
context:
space:
mode:
Diffstat (limited to 'indoteknik_api/controllers/api_v1/cart.py')
-rw-r--r--indoteknik_api/controllers/api_v1/cart.py12
1 files changed, 3 insertions, 9 deletions
diff --git a/indoteknik_api/controllers/api_v1/cart.py b/indoteknik_api/controllers/api_v1/cart.py
index 6c540330..a8628432 100644
--- a/indoteknik_api/controllers/api_v1/cart.py
+++ b/indoteknik_api/controllers/api_v1/cart.py
@@ -7,10 +7,8 @@ class Cart(controller.Controller):
prefix = '/api/v1/'
@http.route(prefix + 'cart', auth='public', methods=['GET'])
+ @controller.Controller.must_authorized()
def get_cart_by_user_id(self, **kw):
- if not self.authenticate():
- return self.response(code=401, description='Unauthorized')
-
user_id = int(kw.get('user_id', 0))
limit = int(kw.get('limit', 0))
offset = int(kw.get('offset', 0))
@@ -28,10 +26,8 @@ class Cart(controller.Controller):
return self.response(data)
@http.route(prefix + 'cart/create-or-update', auth='public', methods=['POST'], csrf=False)
+ @controller.Controller.must_authorized()
def create_or_update_cart(self, **kw):
- if not self.authenticate():
- return self.response(code=401, description='Unauthorized')
-
user_id = int(kw.get('user_id', 0))
product_id = int(kw.get('product_id', 0))
qty = int(kw.get('qty', 0))
@@ -55,10 +51,8 @@ class Cart(controller.Controller):
return self.response(result)
@http.route(prefix + 'cart', auth='public', methods=['DELETE'], csrf=False)
+ @controller.Controller.must_authorized()
def delete_cart_by_user_id(self, **kw):
- if not self.authenticate():
- return self.response(code=401, description='Unauthorized')
-
user_id = int(kw.get('user_id', 0))
query = [('user_id', '=', user_id)]
product_ids = kw.get('product_ids')
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-27 05:07:32 +0000