[jwt_mw] Refuse DEBUG tokens in PROD mode with websockets

Maxime Alves LIRMM 2020-10-05 10:19:52 +02:00
parent 21950aa6cd
commit 5c4e81d5d2


@ -110,10 +110,10 @@ class JWTAuthenticationBackend(AuthenticationBackend):
raise AuthenticationError( raise AuthenticationError(
'Trying to connect using *DEBUG* token in *PRODUCTION* mode') 'Trying to connect using *DEBUG* token in *PRODUCTION* mode')
except jwt.InvalidTokenError as e: except jwt.InvalidTokenError as exc:
raise AuthenticationError(str(e)) raise AuthenticationError(str(exc))
except Exception as e: except Exception as exc:
print(e) logger.error('Authentication error : %s', exc)
raise e raise e
@ -142,8 +142,13 @@ class JWTWebSocketAuthenticationBackend(AuthenticationBackend):
try: try:
payload = jwt.decode(token, key=self.secret_key, algorithms=self.algorithm, payload = jwt.decode(token, key=self.secret_key, algorithms=self.algorithm,
audience=self.audience, options=self.options) audience=self.audience, options=self.options)
except jwt.InvalidTokenError as e:
raise AuthenticationError(str(e)) if PRODUCTION and 'debug' in payload.keys() and payload['debug']:
raise AuthenticationError(
'Trying to connect using *DEBUG* token in *PRODUCTION* mode')
except jwt.InvalidTokenError as exc:
raise AuthenticationError(str(exc))
return AuthCredentials(["authenticated"]), JWTUser(id = payload['id'], return AuthCredentials(["authenticated"]), JWTUser(id = payload['id'],
token=token, payload=payload) token=token, payload=payload)
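Review bot: In the first hunk (JWTAuthenticationBackend) the generic handler is renamed to `except Exception as exc:`, but the re-raise still reads `raise e` in both columns of the rendered page; if that is the new-side text, `e` is unbound there and the handler raises NameError instead of the original exception. The request still fails closed, but callers see the wrong exception type and the real cause survives only as chained context. A bare `raise` after the `logger.error(...)` call would keep the original exception and traceback. In the WebSocket backend hunk, `payload['id']` is read after the try block, so a validly signed token with no `id` claim surfaces as KeyError rather than AuthenticationError; checking for the claim and raising `AuthenticationError` explicitly would keep rejection paths uniform. Both method bodies begin outside the visible hunks.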