1
Fork 0
mirror of https://github.com/RYGhub/royalnet.git synced 2024-11-23 19:44:20 +00:00

[!] Check if a token has expired before authenticating

This commit is contained in:
Steffo 2020-03-26 22:26:42 +01:00
parent 601c673d96
commit 46f6ec05aa
2 changed files with 4 additions and 2 deletions

View file

@ -51,5 +51,5 @@ class Token:
} }
@classmethod @classmethod
async def authenticate(cls, alchemy, session, token: str) -> "Token": async def find(cls, alchemy, session, token: str) -> "Token":
return await ru.asyncify(session.query(alchemy.get(cls)).filter_by(token=token).one_or_none) return await ru.asyncify(session.query(alchemy.get(cls)).filter_by(token=token).one_or_none)

View file

@ -18,9 +18,11 @@ class ApiData(dict):
raise MissingParameterError(f"Missing '{key}'") raise MissingParameterError(f"Missing '{key}'")
async def token(self) -> Token: async def token(self) -> Token:
token = await Token.authenticate(self.star.alchemy, self.session, self["token"]) token = await Token.find(self.star.alchemy, self.session, self["token"])
if token is None: if token is None:
raise ForbiddenError("'token' is invalid") raise ForbiddenError("'token' is invalid")
if token.expired:
raise ForbiddenError("Login token has expired")
return token return token
async def user(self) -> User: async def user(self) -> User: