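def validate_token(token_payload):
    '''Check the freshness claims (`issuedAt`, `ttl`) of an auth token payload.

    Returns None when the payload is inside its validity window, otherwise a
    human-readable error string describing why it was rejected.

    Only the time-based claims are examined here; no signature or secret-key
    check happens in this function.
    NOTE(review): presumably the caller has already authenticated the payload
    before trusting `issuedAt`/`ttl` -- confirm against the call site.
    '''
    now = now_utc()

    # Both claims are mandatory: a token without them can never be aged out.
    issued_at = token_payload.get('issuedAt')
    ttl = token_payload.get('ttl')
    if issued_at is None or ttl is None:
        return 'missing `issuedAt` or `ttl` in auth token'

    try:
        iat = iso8601.parse_date(issued_at)
        ttl = int(ttl)
    except iso8601.ParseError as e:
        return 'invalid `issuedAt` date format, expected iso8601. {}'.format(e)
    except (TypeError, ValueError, OverflowError):
        # `ttl` comes from the token, so it may be any decoded type: int()
        # raises TypeError for containers and OverflowError for infinities.
        # Report those as a validation failure instead of letting them escape.
        return 'invalid `ttl` value, expected integer'

    try:
        token_exp = iat + timedelta(seconds=ttl)
    except OverflowError:
        # An absurdly large (or small) ttl overflows timedelta/datetime; treat
        # it as a rejected token rather than an unhandled exception.
        return 'invalid `ttl` value, out of range'

    if token_exp < now:
        return 'token has expired'

    # A token issued in the future would outlive its intended ttl. Allow
    # 65 minutes of slack for clock drift between issuer and verifier.
    if iat > (now + timedelta(minutes=65)):
        return 'invalid `issuedAt` in the future.'
    return None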