def _verify(auth_token, owner, public_key):
"""Verify Auth Token.
:param auth_token: Authentication token to verify
:param owner: dataset owner
"""
if not auth_token or not owner:
return False
try:
token = jwt.decode(auth_token.encode('ascii'),
public_key,
algorithm='RS256')
# TODO: check service in the future
has_permission = True
# has_permission = token.get('permissions', {}) \
# .get('datapackage-upload', False)
# service = token.get('service')
# has_permission = has_permission and service == 'os.datastore'
has_permission = has_permission and owner == token.get('userid')
return has_permission
except jwt.InvalidTokenError:
return False
评论列表
文章目录
