confirm-token-fix
This commit is contained in:
@@ -11,7 +11,6 @@ from auth.jwtcodec import JWTCodec
|
||||
from auth.tokenstorage import TokenStorage
|
||||
from base.exceptions import InvalidToken
|
||||
from services.auth.users import UserStorage
|
||||
from settings import SESSION_TOKEN_HEADER
|
||||
|
||||
|
||||
class SessionToken:
|
||||
@@ -49,10 +48,10 @@ class JWTAuthenticate(AuthenticationBackend):
|
||||
async def authenticate(
|
||||
self, request: HTTPConnection
|
||||
) -> Optional[Tuple[AuthCredentials, AuthUser]]:
|
||||
if SESSION_TOKEN_HEADER not in request.headers:
|
||||
if "Auth" not in request.headers:
|
||||
return AuthCredentials(scopes=[]), AuthUser(user_id=None)
|
||||
|
||||
token = request.headers[SESSION_TOKEN_HEADER]
|
||||
token = request.headers.get("Auth", "")
|
||||
try:
|
||||
payload = await SessionToken.verify(token)
|
||||
except Exception as exc:
|
||||
@@ -77,6 +76,7 @@ class JWTAuthenticate(AuthenticationBackend):
|
||||
def login_required(func):
|
||||
@wraps(func)
|
||||
async def wrap(parent, info: GraphQLResolveInfo, *args, **kwargs):
|
||||
# print('[auth.authenticate] login required for %r with info %r' % (func, info)) # debug only
|
||||
auth: AuthCredentials = info.context["request"].auth
|
||||
if not auth.logged_in:
|
||||
return {"error": auth.error_message or "Please login"}
|
||||
|
||||
@@ -2,8 +2,8 @@ import requests
|
||||
|
||||
from settings import MAILGUN_API_KEY, MAILGUN_DOMAIN
|
||||
|
||||
api_url = "https://api.mailgun.net/v3/%s/messages" % MAILGUN_DOMAIN
|
||||
noreply = "discours.io <noreply@%s>" % MAILGUN_DOMAIN
|
||||
api_url = "https://api.mailgun.net/v3/%s/messages" % (MAILGUN_DOMAIN or 'discours.io')
|
||||
noreply = "discours.io <noreply@%s>" % (MAILGUN_DOMAIN or 'discours.io')
|
||||
lang_subject = {
|
||||
"ru": "Подтверждение почты",
|
||||
"en": "Confirm email"
|
||||
|
||||
@@ -16,14 +16,21 @@ class JWTCodec:
|
||||
"exp": exp,
|
||||
"iat": datetime.utcnow(),
|
||||
}
|
||||
return jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)
|
||||
try:
|
||||
r = jwt.encode(payload, JWT_SECRET_KEY, JWT_ALGORITHM)
|
||||
return r
|
||||
except Exception as e:
|
||||
print('[jwtcodec] JWT encode error %r' % e)
|
||||
|
||||
@staticmethod
|
||||
def decode(token: str, verify_exp: bool = True) -> TokenPayload:
|
||||
payload = jwt.decode(
|
||||
token,
|
||||
key=JWT_SECRET_KEY,
|
||||
options={"verify_exp": verify_exp},
|
||||
algorithms=[JWT_ALGORITHM],
|
||||
)
|
||||
return TokenPayload(**payload)
|
||||
try:
|
||||
payload = jwt.decode(
|
||||
token,
|
||||
key=JWT_SECRET_KEY,
|
||||
options={"verify_exp": verify_exp},
|
||||
algorithms=[JWT_ALGORITHM],
|
||||
)
|
||||
return TokenPayload(**payload)
|
||||
except Exception as e:
|
||||
print('[jwtcodec] JWT decode error %r' % e)
|
||||
|
||||
Reference in New Issue
Block a user