def verify_auth_token(cls, token):
"""
Ensures that the token received from the client exists and returns the
User that the token belongs to. Returns None if token doesn't exist.
:param token: str
:return: User object or None
"""
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token)
except:
return None
user = User.query.get(data['id'])
if user and user.session_token == token:
return user
return None
# DB Helpers
评论列表
文章目录