Merge branch 'master' into 29-generic-entities-support

Fabio Manganiello 2022-11-21 22:13:47 +01:00
commit c0dd91838b
Signed by untrusted user: blacklight
GPG key ID: D90FBA7F76362774
2 changed files with 10 additions and 4 deletions


@ -50,7 +50,6 @@ def auth_endpoint():
except Exception as e:
log.warning('Invalid payload passed to the auth endpoint: ' + str(e))
abort(400)
return jsonify({'token': None})
expiry_days = payload.get('expiry_days')
expires_at = None
@ -65,4 +64,3 @@ def auth_endpoint():
})
except UserException as e:
abort(401, str(e))
return jsonify({'token': None})


@ -230,6 +230,7 @@ class UserManager:
payload = json.dumps(
{
'username': username,
'password': password,
'created_at': datetime.datetime.now().timestamp(),
'expires_at': expires_at.timestamp() if expires_at else None,
},
@ -241,8 +242,7 @@ class UserManager:
rsa.encrypt(payload.encode('ascii'), pub_key)
).decode()
@staticmethod
def validate_jwt_token(token: str) -> Dict[str, str]:
def validate_jwt_token(self, token: str) -> Dict[str, str]:
"""
Validate a JWT token.
@ -275,6 +275,14 @@ class UserManager:
if expires_at and time.time() > expires_at:
raise InvalidJWTTokenException('Expired JWT token')
user = self.authenticate_user(
payload.get('username', ''),
payload.get('password', '')
)
if not user:
raise InvalidCredentialsException()
return payload
def _authenticate_user(self, session, username, password):
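Review bot: The token payload now appears to carry the user's cleartext `'password'` (the +/- markers are lost on this page, so which line was added is inferred), and `validate_jwt_token` hands that same dict back to its caller with `return payload`. Anyone who can decrypt a token, and any caller that logs or serialises the returned dict, then sees the password; dropping the field before returning, e.g. `payload.pop('password', None)` ahead of `return payload`, limits the exposure on the validation side. Binding the token to a non-reversible per-user value rather than the password itself would keep the credential out of the token altogether. Tokens that have no password field fall back to `''` in `payload.get('password', '')` and would presumably be rejected by `authenticate_user`, which deserves a sentence in the docstring along with the fact that the method is no longer static. Both `validate_jwt_token` and the token-building method start outside the hunks shown.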