lib.decorators.authorizeΒΆ
myapp/lib/decorators.py:authorize()
If the permission.check() succeeds and returns True, the wrapped function is called, in this case it is the controller action privindex() which executes and returns a rendered page, fulfilling the request.
However, if the permission.check() fails, the @authorize() function does not call the privindex() action, instead an HTTP Redirect message is sent in answer to the original request, redirecting the user to the login page where they are offered an opportunity to authenticate or to re-authenticate with enhanced privileges.
The value of routes_dict (the original request) is stored in session['redirect'] for later retrieval and redirect_to_login() is called.