aboutsummaryrefslogtreecommitdiff
path: root/api/auth/login_token.py
diff options
context:
space:
mode:
Diffstat (limited to 'api/auth/login_token.py')
-rw-r--r--api/auth/login_token.py23
1 files changed, 15 insertions, 8 deletions
diff --git a/api/auth/login_token.py b/api/auth/login_token.py
index d920eea..bb67c4f 100644
--- a/api/auth/login_token.py
+++ b/api/auth/login_token.py
@@ -2,22 +2,29 @@ from flask import Blueprint, request
from db import cursor
from auth.token import validate_token, hash_token
+
# get user_id from authentication token
def token_login(token):
- hashed = hash_token({ "token": token, "expirationDate": 0 })
- user_id = cursor.execute("select user_id from users where valid_tokens like ?", [f"%{hashed['token']}%"]).fetchone()
- return None if not user_id else user_id[0]
+ hashed = hash_token({"token": token, "expirationDate": 0})
+ user_id = cursor.execute(
+ "select user_id from users where valid_tokens like ?",
+ [f"%{hashed['token']}%"]
+ ).fetchone()
+ return None if not user_id else user_id[0]
+
token = Blueprint('token', __name__)
+
# this endpoint is currently unused, but verifies that a token is valid
-@token.route('/token', methods = ['POST'])
+@token.route('/token', methods=['POST'])
def index():
- data = request.get_json()
+ data = request.get_json()
+
+ auth_token = data.get("token") or ""
+ if not auth_token: return "", 400
- auth_token = data.get("token") or ""
- if not auth_token: return "", 400
+ return "", 200 if token_login(auth_token) else 401
- return "", 200 if token_login(auth_token) else 401
dynamic_route = ["/auth", token]