
Refactor token validity check.

to-aiohttp
crudo 5 years ago
parent
commit
14cc8ec7c4
  1. 7
      pos/database.py
  2. 7
      pos/rest.py

7
pos/database.py

@ -165,3 +165,10 @@ class AccessToken(Base):
default=(datetime.now() + timedelta(days=2)))
user = relationship('User', lazy='joined')
def is_valid(self):
return all([
self.is_active,
self.created_at < datetime.now(),
self.expires_at > datetime.now()
])
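Review bot: `is_valid()` calls `datetime.now()` twice and compares naive local timestamps, so the two bounds are tested against different instants and a wall-clock or DST change shifts the validity window; read the clock once, `now = datetime.now()`, and compare both columns against `now` (UTC would be safer if the columns can be stored that way, which is not visible here). The strict `<` / `>` also moves the boundary compared with the check removed from pos/rest.py: a token whose `created_at` or `expires_at` equals the current time was accepted before and is rejected now, which deserves a one-line docstring stating the intended bounds. Separately, the context line `default=(datetime.now() + timedelta(days=2))` is evaluated once when the class body runs, so every token that relies on this default gets the same expiry, fixed at process start. Assuming this is a SQLAlchemy column, a callable such as `default=lambda: datetime.now() + timedelta(days=2)` computes it per row. The column definition and the rest of `AccessToken` begin outside the hunk.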

7
pos/rest.py

@ -1,4 +1,3 @@
from datetime import datetime
from functools import wraps
from aiohttp.web import json_response
from pos.database import User, ProductCategory, AccessToken
@ -26,11 +25,7 @@ def auth_required(func):
return json_response({'err': 'unauthorized',
'msg': 'The token is not valid.'},
status=401)
elif (
not token.is_active or
token.created_at > datetime.now() or
token.expires_at < datetime.now()
):
elif not token.is_valid():
return json_response({'err': 'forbidden',
'msg': 'The token has expired.'},
status=403)
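Review bot: The `elif not token.is_valid():` branch answers 403 with 'The token has expired.' while the branch above answers 401 with 'The token is not valid.', so a caller can tell a token that exists but is inactive or expired from one that is unknown. Returning the same response for both, `status=401` with `'msg': 'The token is not valid.'`, removes that distinction, and 401 is the conventional status for a rejected credential. The message is also inaccurate now, since `is_valid()` rejects deactivated tokens and tokens with a future `created_at` as well as expired ones. The condition guarding the first branch and the rest of `auth_required` are outside the hunk, so this assumes that branch handles a token that was not found.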
