-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #153 from SeaweedbrainCY/dev
Token based session instead of JWTs
- Loading branch information
Showing
68 changed files
with
1,610 additions
and
2,479 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
from database.session_token_repo import SessionTokenRepo | ||
from app import app | ||
from connexion.exceptions import Unauthorized, Forbidden | ||
from hashlib import sha256 | ||
from environment import logging | ||
from Utils.utils import get_ip | ||
import datetime as dt | ||
|
||
|
||
def verify_session(token): | ||
if not token: | ||
raise Unauthorized("No session token provided") | ||
with app.app.app_context(): | ||
session_token = SessionTokenRepo().get_session_token(token) | ||
if not session_token: | ||
raise Forbidden("Invalid session token") | ||
if float(session_token.expiration) < dt.datetime.now(dt.UTC).timestamp(): | ||
raise Forbidden("API key expired") | ||
if session_token.revoke_timestamp is not None: | ||
logging.info(f"Rejected session token {session_token.id} because it was revoked. User {session_token.user_id}") | ||
raise Forbidden("Invalid session token") | ||
return {"uid" : session_token.user_id} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.