auth and limit

2021-05-07 15:05:31 +02:00 · 2021-05-07 15:05:31 +02:00 · bfbaab2e02
commit bfbaab2e02
parent d8dcfd3e8e
2 changed files with 9 additions and 3 deletions
--- a/Auth.py
+++ b/Auth.py
@ -3,11 +3,11 @@ import os
 import werkzeug


-JWT_SECRET = os.environ['JWT_SECRET']
+JWT_PUB_KEY = os.environ['JWT_PUB_KEY']

 def decodeToken(token):
    try:
-        return jwt.decode(token, JWT_SECRET)
+        return jwt.decode(token, JWT_PUB_KEY, audience="mainscnt")
    except JWTError as e:
        print("ERROR: decodeToken: {}".format(e))
        raise werkzeug.exceptions.Unauthorized()
--- a/Entries.py
+++ b/Entries.py
@ -25,12 +25,18 @@ def insert(**args):


 def get(start, stop, token_info=None, location=None):
+    logging.info("Token: {}".format(token_info))
    if 'read/mainscnt/entries' not in token_info['x-scope']:
        raise werkzeug.exceptions.Forbidden()
+    LIMITS_PREFIX = 'mainscnt/entries/'
+    limit = 0
+    if ('x-limits' in token_info) and (token_info['x-limits'].startswith(LIMITS_PREFIX)):
+        limit = int(token_info['x-limits'][len(LIMITS_PREFIX):])
    res = [
        { 
            'timestamp': datetime.datetime.now(),
-            'frequency': 50.0
+            'frequency': 50.0,
+            'maxentries': limit
        }
    ]
    return res