Merge branch 'master' into 29-generic-entities-support

2022-11-21 22:13:47 +01:00 · 2022-11-21 22:13:47 +01:00 · c0dd91838b
commit c0dd91838b
parent ba1681fc22 d95baac74e
2 changed files with 10 additions and 4 deletions
--- a/platypush/backend/http/app/routes/auth.py
+++ b/platypush/backend/http/app/routes/auth.py
@ -50,7 +50,6 @@ def auth_endpoint():
    except Exception as e:
        log.warning('Invalid payload passed to the auth endpoint: ' + str(e))
        abort(400)
-        return jsonify({'token': None})

    expiry_days = payload.get('expiry_days')
    expires_at = None
@ -65,4 +64,3 @@ def auth_endpoint():
        })
    except UserException as e:
        abort(401, str(e))
-        return jsonify({'token': None})
--- a/platypush/user/init.py
+++ b/platypush/user/init.py
@ -230,6 +230,7 @@ class UserManager:
        payload = json.dumps(
            {
                'username': username,
+                'password': password,
                'created_at': datetime.datetime.now().timestamp(),
                'expires_at': expires_at.timestamp() if expires_at else None,
            },
@ -241,8 +242,7 @@ class UserManager:
            rsa.encrypt(payload.encode('ascii'), pub_key)
        ).decode()

-    @staticmethod
-    def validate_jwt_token(token: str) -> Dict[str, str]:
+    def validate_jwt_token(self, token: str) -> Dict[str, str]:
        """
        Validate a JWT token.

@ -275,6 +275,14 @@ class UserManager:
        if expires_at and time.time() > expires_at:
            raise InvalidJWTTokenException('Expired JWT token')

+        user = self.authenticate_user(
+            payload.get('username', ''),
+            payload.get('password', '')
+        )
+
+        if not user:
+            raise InvalidCredentialsException()
+
        return payload

    def _authenticate_user(self, session, username, password):