def verify(auth_token, owner):
"""Verify Auth Token.
:param auth_token: Authentication token to verify
:param owner: dataset owner
"""
if not auth_token:
return False
if auth_token == 'testing-token' and owner == '__tests':
return True
try:
token = jwt.decode(auth_token.encode('ascii'),
public_key(),
algorithm='RS256')
has_permission = owner == token.get('userid')
# TODO: Check service in the future
# service = token.get('service')
# has_permission = has_permission and service == 'world'
# has_permission = has_permission and owner == token.get('userid')
return has_permission
except jwt.InvalidTokenError:
return False
评论列表
文章目录
