some-fixes-chats

auth/authenticate.py

@@ -28,6 +28,7 @@ class SessionToken:
                 token is of specified type
         """
         try:
+            print('[auth.authenticate] session token verify')
             payload = JWTCodec.decode(token)
         except ExpiredSignatureError:
             payload = JWTCodec.decode(token, verify_exp=False)
@@ -58,6 +59,8 @@ class JWTAuthenticate(AuthenticationBackend):
         try:
             payload = await SessionToken.verify(token)
         except Exception as exc:
+            print("[auth.authenticate] session token verify error")
+            print(exc)
             return AuthCredentials(scopes=[], error_message=str(exc)), AuthUser(
                 user_id=None
             )

auth/identity.py

@@ -81,6 +81,7 @@ class Identity:
     @staticmethod
     async def onetime(token: str) -> User:
         try:
+            print('[auth.identity] using one time token')
             payload = JWTCodec.decode(token)
             if not await TokenStorage.exist(f"{payload.user_id}-{token}"):
                 raise InvalidToken("Login token has expired, please login again")

auth/tokenstorage.py

@@ -36,11 +36,13 @@ class TokenStorage:
 
     @staticmethod
     async def revoke(token: str) -> bool:
+        payload = None
         try:
+            print("[auth.tokenstorage] revoke token")
             payload = JWTCodec.decode(token)
         except:  # noqa
             pass
-        else:
+        finally:
             await redis.execute("DEL", f"{payload.user_id}-{token}")
         return True