Merge branch 'develop' into 'master'

Prod deploy: Fix Filebrowser authentication cookie See merge request sahkoinsinoorikilta/vtmk/web2.0-backend!66
2022-07-24 18:26:38 +00:00
parent 2383e2089d dd0254a08e
commit c45bcc5442
1 changed files with 5 additions and 5 deletions
@@ -1,7 +1,7 @@
 """Webapp views."""
 from jwt import decode
-from jwt.exceptions import InvalidSignatureError
+from jwt.exceptions import InvalidTokenError
 from django.utils import timezone
 from django.conf import settings
 from django.http import HttpResponse, JsonResponse
@@ -337,14 +337,14 @@ class JobAdViewSet(ModelViewSet):
@require_http_methods(["GET"])
 def nginx_jwt_resp(request, *args, **kwargs):
-    cookie = request.COOKIES.get("jwt", None)
+    accessKey = request.COOKIES.get("jwt_access", None)
-    if not cookie:
+    if not accessKey:
        return HttpResponse("", status=401)
    try:
        # This also verifies the signature.
        # See https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation
-        token = decode(cookie, settings.SECRET_KEY, algorithms=["HS256"])
+        token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"])
-    except InvalidSignatureError:
+    except InvalidTokenError:
        return HttpResponse("", status=403)
    user = "admin" if token.get("username", "") == "admin" else "moderator"
    resp = HttpResponse("", status=200)