Improve api for bot

api/auth.py

@@ -11,6 +11,9 @@ def verify_token(token):
     if token is None:
         return False
 
+    if ':' in token:  # Bot token
+        token = token.split(":")[0]
+
     try:
         jwt.decode(token, os.getenv('SECRET_KEY'), algorithms=["HS256"])
         return True

api/helper_functions.py

@@ -38,11 +38,30 @@ def extract_token_data(token):
         return None
 
 
-def get_username_from_token_data(token_data):
+def get_username_from_token_data():
-    if token_data is not None:
+    if 'Authorization' in request.headers:
-        return token_data['username']
+        token = request.headers['Authorization'].split(" ")[1]
-    else:
+
-        return None
+        if token is not None:
+            if ':' in token:  # Maybe bot token, check if token valid and return username after ":" then
+                username = token.split(":")[1]
+                token = token.split(":")[0]
+
+                try:
+                    if jwt.decode(token, os.getenv('SECRET_KEY'), algorithms=["HS256"])['username'] == "bot":
+                        return username
+                    else:
+                        return None
+                except jwt.exceptions.DecodeError:
+                    return None
+
+            else:  # "Normal" token, extract username from token
+                try:
+                    return jwt.decode(token, os.getenv('SECRET_KEY'), algorithms=["HS256"])['username']
+                except jwt.exceptions.DecodeError:
+                    return None
+
+    return None
 
 
 def get_user_id_from_username(username):
@@ -54,7 +73,7 @@ def get_user_id_from_username(username):
 
 def get_username_or_abort_401():
     # get username from jwt token
-    username = get_username_from_token_data(extract_token_data(get_token()))
+    username = get_username_from_token_data()
 
     if username is None:  # If token not provided or invalid -> return 401 code
         abort(401, message="Unable to login")