yusur/coriplus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adding feed to public API

Browse source
This commit is contained in:
Yusur 2019-10-27 11:30:14 +01:00
parent 5536e764e7
commit dc33b5567a
5 changed files with 113 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

11
app/utils.py
View file

@ -178,13 +178,16 @@ def generate_access_token(user):
h.update(str(user.password).encode('utf-8'))
return str(user.id) + ':' + h.hexdigest()[:32]
def check_access_token(user, token):
def check_access_token(token):
uid, hh = token.split(':')
if uid != user.get_id():
return False
try:
user = User[uid]
except User.DoesNotExist:
return
h = hashlib.sha256(get_secret_key())
h.update(b':')
h.update(str(user.id).encode('utf-8'))
h.update(b':')
h.update(str(user.password).encode('utf-8'))
return h.hexdigest()[:32] == hh
if h.hexdigest()[:32] == hh:
return user