From 14cc8ec7c43696ac0636fbdec30fb8cfe3d98f78 Mon Sep 17 00:00:00 2001
From: crudo
Date: Mon, 25 Sep 2017 21:22:41 +0200
Subject: [PATCH] Refactor token validity check.

---
 pos/database.py | 7 +++++++
 pos/rest.py | 7 +------
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/pos/database.py b/pos/database.py
index b9aec54..f7d7a09 100644
--- a/pos/database.py
+++ b/pos/database.py
@@ -165,3 +165,10 @@ class AccessToken(Base):
 default=(datetime.now() + timedelta(days=2)))
 user = relationship('User', lazy='joined')
+
+ def is_valid(self):
+ return all([
+ self.is_active,
+ self.created_at < datetime.now(),
+ self.expires_at > datetime.now()
+ ])
diff --git a/pos/rest.py b/pos/rest.py
index f6de7e9..33651a0 100644
--- a/pos/rest.py
+++ b/pos/rest.py
@@ -1,4 +1,3 @@
-from datetime import datetime
 from functools import wraps
 from aiohttp.web import json_response
 from pos.database import User, ProductCategory, AccessToken
@@ -26,11 +25,7 @@ def auth_required(func):
 return json_response({'err': 'unauthorized', 'msg': 'The token is not valid.'}, status=401)
- elif (
- not token.is_active or
- token.created_at > datetime.now() or
- token.expires_at < datetime.now()
- ):
+ elif not token.is_valid():
 return json_response({'err': 'forbidden', 'msg': 'The token has expired.'}, status=403)
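Review bot: `is_valid()` in pos/database.py builds a list inside `all([...])`, so both timestamp comparisons run even when `is_active` is false, unlike the short-circuiting `or` chain it replaces in pos/rest.py; if either column can be NULL (not visible here), an inactive token would raise TypeError instead of getting the 403. It also calls `datetime.now()` twice and makes the `created_at` comparison strict, so a token checked at exactly its creation timestamp is now rejected where the old condition accepted it. I would write `now = datetime.now()` followed by `return bool(self.is_active) and self.created_at <= now < self.expires_at`, and add a docstring stating that the check uses naive local time. Separately, the context line `default=(datetime.now() + timedelta(days=2))` looks like it is evaluated once when the class body runs rather than per row, which would give every token the same expiry; this should be confirmed against the full column definition, which starts outside the hunk.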
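Review bot: The `elif not token.is_valid():` branch in `auth_required` still answers with 403 and 'The token has expired.', while the branch above it answers 401 for a token that is not valid, so the response tells the caller whether a presented token value exists in the database. The message is also inaccurate for the other two cases `is_valid()` now covers, a deactivated token and a `created_at` in the future. I would return the same body and status from both branches, `return json_response({'err': 'unauthorized', 'msg': 'The token is not valid.'}, status=401)`, and record the specific reason in a server-side log only. The condition of the preceding branch and the rest of `auth_required` are outside the hunk, so how the token is looked up is not visible here.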