c_meyer/KasperskyLab-TinyCheck
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #62 from bl4ckh0l3z/main

Browse Source 
Fix for JWT token generation and validation
This commit is contained in:
Félix Aimé 2021-03-25 09:46:28 +01:00 committed by GitHub
commit f1250a00ba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/backend/app/decorators.py
View File

@ -42,7 +42,7 @@ def require_header_token(f):
def decorated(*args, **kwargs): def decorated(*args, **kwargs):
try: try:
token = request.headers['X-Token'] token = request.headers['X-Token']
jwt.decode(token, app.config["SECRET_KEY"]) jwt.decode(token, app.config["SECRET_KEY"], "HS256")
return f(*args, **kwargs) return f(*args, **kwargs)
except: except:
return jsonify({"message": "JWT verification failed"}) return jsonify({"message": "JWT verification failed"})
@ -58,7 +58,7 @@ def require_get_token(f):
def decorated(*args, **kwargs): def decorated(*args, **kwargs):
try: try:
token = request.args.get("token") token = request.args.get("token")
jwt.decode(token, app.config["SECRET_KEY"]) jwt.decode(token, app.config["SECRET_KEY"], "HS256")
return f(*args, **kwargs) return f(*args, **kwargs)
except: except:
return jsonify({"message": "JWT verification failed"}) return jsonify({"message": "JWT verification failed"})

2
server/backend/main.py
View File

@ -34,7 +34,7 @@ def get_token():
""" """
token = jwt.encode({"exp": datetime.datetime.now() + token = jwt.encode({"exp": datetime.datetime.now() +
datetime.timedelta(hours=24)}, app.config["SECRET_KEY"]) datetime.timedelta(hours=24)}, app.config["SECRET_KEY"])
return jsonify({"token": token.decode("utf8")}) return jsonify({"token": token})
@app.route("/<p>/<path:path>", methods=["GET"]) @app.route("/<p>/<path:path>", methods=["GET"])