TTMK/web2.0-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix try-catch for jwt verification

Browse Source
This commit is contained in:
Aarni Halinen
2022-07-24 21:02:35 +03:00
parent 9b53fb4bc0
commit dd0254a08e
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
webapp/views.py
+2 -2
View File
@@ -1,7 +1,7 @@
"""Webapp views.""" """Webapp views."""
from jwt import decode from jwt import decode
from jwt.exceptions import InvalidSignatureError from jwt.exceptions import InvalidTokenError
from django.utils import timezone from django.utils import timezone
from django.conf import settings from django.conf import settings
from django.http import HttpResponse, JsonResponse from django.http import HttpResponse, JsonResponse
@@ -344,7 +344,7 @@ def nginx_jwt_resp(request, *args, **kwargs):
# This also verifies the signature. # This also verifies the signature.
# See https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation # See https://pyjwt.readthedocs.io/en/latest/usage.html#reading-the-claimset-without-validation
token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"]) token = decode(accessKey, settings.SECRET_KEY, algorithms=["HS256"])
except InvalidSignatureError: except InvalidTokenError:
return HttpResponse("", status=403) return HttpResponse("", status=403)
user = "admin" if token.get("username", "") == "admin" else "moderator" user = "admin" if token.get("username", "") == "admin" else "moderator"
resp = HttpResponse("", status=200) resp = HttpResponse("", status=200)