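def get_payload_from_token(token):
    """Verify ``token`` and return its decrypted, JSON-decoded payload.

    The token is a signed, AES-encrypted JSON document produced with the
    application's ``SECRET_KEY``.  Checks run in this order: signature and
    expiry (``Serializer.loads``), then decryption (``AESCipher.decrypt``),
    then JSON decoding.  Only a token whose signature verifies is ever
    trusted; a bad-signature token is decoded purely for logging.

    Args:
        token: the raw token string presented by the client (untrusted).

    Returns:
        The decoded payload (whatever ``json.loads`` yields).

    Raises:
        TokenExpired: the signature verifies but the token is past the
            serializer's max age and outside the 1 s clock-skew window.
        Whatever ``abort(401, ...)`` raises: the signature does not verify.
        Errors from ``cipher.decrypt``/``json.loads`` on a token that is
            correctly signed but carries an undecryptable or non-JSON body
            are not handled here and propagate to the caller (as before).
    """
    secret = current_app.config['SECRET_KEY']
    s = Serializer(secret)
    # NOTE(review): the AES key is simply the first 16 bytes of SECRET_KEY,
    # not a derived key; a SECRET_KEY shorter than 16 bytes is truncated
    # silently by the slice -- confirm AESCipher rejects short keys.
    cipher = AESCipher(secret[:16])
    try:
        return json.loads(cipher.decrypt(s.loads(token)))
    except SignatureExpired as se:
        # The signature has already been verified when SignatureExpired is
        # raised (itsdangerous behaviour), so se.payload is authentic but
        # stale.  Take one timestamp so both log lines and the offset agree.
        now = datetime.now()
        time_offset = (now - se.date_signed).total_seconds()
        # NOTE(review): se.date_signed is UTC in itsdangerous; if the
        # installed version returns it naive, datetime.now() (local time)
        # skews this offset by the server's UTC offset -- confirm.
        current_app.logger.error(
            'token expired: %s. signature date %s. offset with current date = %s',
            se, se.date_signed, time_offset)
        current_app.logger.error(
            'current date %s, token date %s', now, se.date_signed)
        # A negative offset means the token was signed in the future.  Allow
        # up to 1 s of that to absorb clock drift between machines; anything
        # else is a genuine expiry.
        if -1 <= time_offset < 0:
            current_app.logger.info(
                'token time offset within grace period. allowing auth')
            return json.loads(cipher.decrypt(se.payload))
        LogApiTokenExpired()
        raise TokenExpired()
    except BadSignature as e:
        current_app.logger.error('bad signature in token')
        # e.payload is the UNVERIFIED payload: decode it only to record what
        # was presented, never to act on it.  This block is best-effort
        # logging; the outcome (401) is already decided, so a malformed body
        # must not be allowed to escape as a 500.
        encoded_payload = e.payload
        if encoded_payload is not None:
            try:
                decoded_payload = s.load_payload(encoded_payload)
                payload = json.loads(cipher.decrypt(decoded_payload))
                LogApiTokenInvalid(payload)
            except (BadData, ValueError):
                # BadData: load_payload could not decode it; ValueError: the
                # decrypted bytes are not JSON.  Other decrypt-side errors
                # (AESCipher internals, not visible here) still propagate.
                # NOTE(review): this records the full raw token.
                LogApiTokenInvalid(dict(error='bad data in token',
                                        token=token))
        abort(401, message='bad signature in token')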