30 lines
840 B
Python
30 lines
840 B
Python
__author__ = "Florian Kaiser"
|
|
__copyright__ = "Copyright 2022, Project Aktienbot"
|
|
__credits__ = ["Florian Kaiser", "Florian Kellermann", "Linus Eickhof", "Kevin Pauer"]
|
|
__license__ = "GPL 3.0"
|
|
__version__ = "1.0.0"
|
|
|
|
from flask import current_app
|
|
|
|
import jwt
|
|
from apiflask import HTTPTokenAuth
|
|
|
|
auth = HTTPTokenAuth()
|
|
|
|
|
|
@auth.verify_token
|
|
def verify_token(token):
|
|
if token is None:
|
|
return False
|
|
|
|
# We decided to append the user id to the bearer token using ":" as separator to select an specific user
|
|
# To validate the token we can remove the user id since we only validate the token and not the user id
|
|
if ':' in token:
|
|
token = token.split(":")[0]
|
|
|
|
try:
|
|
jwt.decode(token, current_app.config['SECRET_KEY'], algorithms=["HS256"])
|
|
return True
|
|
except jwt.PyJWTError:
|
|
return False
|