discours.io/core
5
0
Fork 0
Code Pull Requests Actions Projects Activity

auth fix

Browse Source
This commit is contained in:
tonyrewin 2023-02-20 19:09:55 +03:00
parent 9fb6c72dbe
commit a8ad52caba
2 changed files with 27 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
auth/authenticate.py
View File

@ -12,7 +12,7 @@ from orm.user import User, Role
from settings import SESSION_TOKEN_HEADER
from auth.tokenstorage import SessionToken
from base.exceptions import InvalidToken, OperationNotAllowed
from base.exceptions import OperationNotAllowed
class JWTAuthenticate(AuthenticationBackend):
@ -30,11 +30,8 @@ class JWTAuthenticate(AuthenticationBackend):
user_id=None
)
try:
if len(token.split('.')) > 1:
payload = await SessionToken.verify(token)
if payload is None:
return AuthCredentials(scopes=[]), AuthUser(user_id=None)
user = None
with local_session() as session:
try:
@ -46,13 +43,8 @@ class JWTAuthenticate(AuthenticationBackend):
User.id == payload.user_id
).one()
)
except exc.NoResultFound:
user = None
if not user:
return AuthCredentials(scopes=[]), AuthUser(user_id=None)
scopes = {} # await user.get_permission()
scopes = {} # TODO: integrate await user.get_permission()
return (
AuthCredentials(
@ -62,12 +54,10 @@ class JWTAuthenticate(AuthenticationBackend):
),
AuthUser(user_id=user.id),
)
else:
InvalidToken("please try again")
except Exception as e:
print("[auth.authenticate] session token verify error")
print(e)
return AuthCredentials(scopes=[], error_message=str(e)), AuthUser(user_id=None)
except exc.NoResultFound:
pass
return AuthCredentials(scopes=[], error_message=str('Invalid token')), AuthUser(user_id=None)
def login_required(func):

1
auth/jwtcodec.py
View File

@ -23,6 +23,7 @@ class JWTCodec:
@staticmethod
def decode(token: str, verify_exp: bool = True) -> TokenPayload:
r = None
payload = None
try:
payload = jwt.decode(
token,