Refactor token validity check.

pos/database.py

@@ -165,3 +165,10 @@ class AccessToken(Base):
                         default=(datetime.now() + timedelta(days=2)))
 
     user = relationship('User', lazy='joined')
+
+    def is_valid(self):
+        return all([
+            self.is_active,
+            self.created_at < datetime.now(),
+            self.expires_at > datetime.now()
+        ])

pos/rest.py

@@ -1,4 +1,3 @@
-from datetime import datetime
 from functools import wraps
 from aiohttp.web import json_response
 from pos.database import User, ProductCategory, AccessToken
@@ -26,11 +25,7 @@ def auth_required(func):
             return json_response({'err': 'unauthorized',
                                   'msg': 'The token is not valid.'},
                                  status=401)
-        elif (
+        elif not token.is_valid():
-            not token.is_active or
-            token.created_at > datetime.now() or
-            token.expires_at < datetime.now()
-        ):
             return json_response({'err': 'forbidden',
                                   'msg': 'The token has expired.'},
                                  status=403)