def authenticate_request(self):
if self.token_key not in context.environ:
self.bad()
return
encoded_token = context.environ[self.token_key]
if encoded_token is None or not encoded_token.strip():
self.bad()
return
try:
self.ok(self.verify_token(encoded_token))
except itsdangerous.SignatureExpired as ex:
# The token has expired. So we're trying to restore it using refresh-token.
session_id = ex.payload.get('sessionId')
if session_id:
self.try_refresh_token(session_id)
else:
self.bad()
raise HttpUnauthorized()
except itsdangerous.BadData:
# The token is Malformed
self.bad()
raise HttpBadRequest()
评论列表
文章目录
