def validate(self, token):
if token.get('type') not in ('bearer', 'wstoken'):
return
if '.' not in token.get('token', ''):
# quick way to check if actually might be jwt
return
try:
validated_jwt = jwt.decode(
token['token'],
app_settings['jwt']['secret'],
algorithms=[app_settings['jwt']['algorithm']])
token['id'] = validated_jwt['id']
user = await find_user(self.request, token)
if user is not None and user.id == token['id']:
return user
except (jwt.exceptions.DecodeError, jwt.exceptions.ExpiredSignatureError,
KeyError):
pass
return
评论列表
文章目录
