2022-04-12 09:50:24 +02:00
|
|
|
__author__ = "Florian Kaiser"
|
|
|
|
|
__copyright__ = "Copyright 2022, Project Aktienbot"
|
|
|
|
|
__credits__ = ["Florian Kaiser", "Florian Kellermann", "Linus Eickhof", "Kevin Pauer"]
|
|
|
|
|
__license__ = "GPL 3.0"
|
|
|
|
|
__version__ = "1.0.0"
|
|
|
|
|
|
2022-03-17 09:26:25 +01:00
|
|
|
import jwt
|
|
|
|
|
from apiflask import HTTPTokenAuth
|
2022-05-11 23:33:48 +02:00
|
|
|
from flask import current_app
|
2022-03-17 09:26:25 +01:00
|
|
|
|
|
|
|
|
auth = HTTPTokenAuth()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@auth.verify_token
|
|
|
|
|
def verify_token(token):
|
|
|
|
|
if token is None:
|
|
|
|
|
return False
|
|
|
|
|
|
2022-04-12 11:36:23 +02:00
|
|
|
# We decided to append the user id to the bearer token using ":" as separator to select an specific user
|
|
|
|
|
# To validate the token we can remove the user id since we only validate the token and not the user id
|
|
|
|
|
if ':' in token:
|
2022-03-22 11:20:04 +01:00
|
|
|
token = token.split(":")[0]
|
|
|
|
|
|
2022-03-17 09:26:25 +01:00
|
|
|
try:
|
2022-03-30 10:46:54 +02:00
|
|
|
jwt.decode(token, current_app.config['SECRET_KEY'], algorithms=["HS256"])
|
2022-03-17 09:26:25 +01:00
|
|
|
return True
|
2022-03-27 20:03:11 +02:00
|
|
|
except jwt.PyJWTError:
|
2022-03-17 09:26:25 +01:00
|
|
|
return False
|
