used instead of valid, token expiry check
This commit is contained in:
11
auth.py
11
auth.py
@ -297,19 +297,18 @@ def checkAndInvalidateRefreshToken(login, xid, xal):
|
|||||||
' WHERE t.id = %s AND ' +
|
' WHERE t.id = %s AND ' +
|
||||||
' t.salt = %s AND ' +
|
' t.salt = %s AND ' +
|
||||||
' t."user" = u.id AND ' +
|
' t."user" = u.id AND ' +
|
||||||
' u.login = %s AND ' +
|
' u.login = %s',
|
||||||
' t.valid = true',
|
|
||||||
(xid, xal, login))
|
(xid, xal, login))
|
||||||
tokenObj = cur.fetchone()
|
tokenObj = cur.fetchone()
|
||||||
logger.debug("tokenObj: {}".format(tokenObj))
|
logger.debug("tokenObj: {}".format(tokenObj))
|
||||||
if not tokenObj:
|
if not tokenObj:
|
||||||
raise NoValidTokenException()
|
raise NoTokenException()
|
||||||
invObj = cur.fetchone()
|
invObj = cur.fetchone()
|
||||||
if invObj:
|
if invObj:
|
||||||
raise ManyTokensException()
|
raise ManyTokensException()
|
||||||
|
|
||||||
with conn.cursor() as cur:
|
with conn.cursor() as cur:
|
||||||
cur.execute('UPDATE token_t SET valid = false WHERE id = %s',
|
cur.execute('UPDATE token_t SET used = used + 1 WHERE id = %s',
|
||||||
[ xid ])
|
[ xid ])
|
||||||
except psycopg2.Error as err:
|
except psycopg2.Error as err:
|
||||||
raise Exception("Error when connecting to database: {}".format(err))
|
raise Exception("Error when connecting to database: {}".format(err))
|
||||||
@ -324,6 +323,8 @@ def refreshTokens(**args):
|
|||||||
refreshTokenObj = jwt.decode(refreshToken, JWT_PUB_KEY)
|
refreshTokenObj = jwt.decode(refreshToken, JWT_PUB_KEY)
|
||||||
logger.info(str(refreshTokenObj))
|
logger.info(str(refreshTokenObj))
|
||||||
|
|
||||||
|
# FIXME: token expiry check
|
||||||
|
|
||||||
checkAndInvalidateRefreshToken(refreshTokenObj["sub"], refreshTokenObj["xid"], refreshTokenObj["xal"])
|
checkAndInvalidateRefreshToken(refreshTokenObj["sub"], refreshTokenObj["xid"], refreshTokenObj["xal"])
|
||||||
|
|
||||||
authToken = _makeSimpleToken(refreshTokenObj["xap"], refreshTokenObj["sub"], "", refresh=True)
|
authToken = _makeSimpleToken(refreshTokenObj["xap"], refreshTokenObj["sub"], "", refresh=True)
|
||||||
@ -336,7 +337,7 @@ def refreshTokens(**args):
|
|||||||
logger.error("jwt.decode failed: {}".format(e))
|
logger.error("jwt.decode failed: {}".format(e))
|
||||||
raise werkzeug.exceptions.Unauthorized()
|
raise werkzeug.exceptions.Unauthorized()
|
||||||
except NoTokenException:
|
except NoTokenException:
|
||||||
logger.error("no token created")
|
logger.error("no token created/found")
|
||||||
raise werkzeug.exceptions.Unauthorized()
|
raise werkzeug.exceptions.Unauthorized()
|
||||||
except NoValidTokenException:
|
except NoValidTokenException:
|
||||||
logger.error("no valid token found")
|
logger.error("no valid token found")
|
||||||
|
Reference in New Issue
Block a user