auth fix

auth/authenticate.py

@@ -12,7 +12,7 @@ from orm.user import User, Role
 
 from settings import SESSION_TOKEN_HEADER
 from auth.tokenstorage import SessionToken
-from base.exceptions import InvalidToken, OperationNotAllowed
+from base.exceptions import OperationNotAllowed
 
 
 class JWTAuthenticate(AuthenticationBackend):
@@ -30,44 +30,34 @@ class JWTAuthenticate(AuthenticationBackend):
                 user_id=None
             )
 
-        try:
+        if len(token.split('.')) > 1:
-            if len(token.split('.')) > 1:
+            payload = await SessionToken.verify(token)
-                payload = await SessionToken.verify(token)
+            user = None
-                if payload is None:
+            with local_session() as session:
-                    return AuthCredentials(scopes=[]), AuthUser(user_id=None)
+                try:
-                user = None
+                    user = (
-                with local_session() as session:
+                        session.query(User).options(
-                    try:
+                            joinedload(User.roles).options(joinedload(Role.permissions)),
-                        user = (
+                            joinedload(User.ratings)
-                            session.query(User).options(
+                        ).filter(
-                                joinedload(User.roles).options(joinedload(Role.permissions)),
+                            User.id == payload.user_id
-                                joinedload(User.ratings)
+                        ).one()
-                            ).filter(
+                    )
-                                User.id == payload.user_id
-                            ).one()
-                        )
-                    except exc.NoResultFound:
-                        user = None
 
-                if not user:
+                    scopes = {}  # TODO: integrate await user.get_permission()
-                    return AuthCredentials(scopes=[]), AuthUser(user_id=None)
 
-                scopes = {}  # await user.get_permission()
+                    return (
+                        AuthCredentials(
+                            user_id=payload.user_id,
+                            scopes=scopes,
+                            logged_in=True
+                        ),
+                        AuthUser(user_id=user.id),
+                    )
+                except exc.NoResultFound:
+                    pass
 
-                return (
+        return AuthCredentials(scopes=[], error_message=str('Invalid token')), AuthUser(user_id=None)
-                    AuthCredentials(
-                        user_id=payload.user_id,
-                        scopes=scopes,
-                        logged_in=True
-                    ),
-                    AuthUser(user_id=user.id),
-                )
-            else:
-                InvalidToken("please try again")
-        except Exception as e:
-            print("[auth.authenticate] session token verify error")
-            print(e)
-            return AuthCredentials(scopes=[], error_message=str(e)), AuthUser(user_id=None)
 
 
 def login_required(func):

auth/jwtcodec.py

@@ -23,6 +23,7 @@ class JWTCodec:
     @staticmethod
     def decode(token: str, verify_exp: bool = True) -> TokenPayload:
         r = None
+        payload = None
         try:
             payload = jwt.decode(
                 token,