Beispiel #1
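def check_auth(api_key):
    """Return True if ``api_key`` belongs to a known, unexpired device.

    Args:
        api_key: Token presented by the caller.

    Returns:
        False when the key is empty, when ``DEVICES.get_device_by_token``
        finds no device for it, or when the device's ``expires_at`` is
        already in the past; True otherwise.
    """
    # An empty or missing credential must never reach the lookup: rejecting
    # it here means a stored record with a blank token cannot be matched.
    if not api_key:
        return False
    device = DEVICES.get_device_by_token(api_key)
    if not device:
        return False
    # NOTE(review): the lookup's matching rules are not visible here. If it
    # matches refresh tokens as well as access tokens, this check accepts a
    # refresh token as an API key - confirm against the DEVICES helper.
    # expires_at is compared with time.time(), i.e. seconds since the epoch.
    return not (device.expires_at < time.time())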
Beispiel #2
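def device():
    """Return the JSON form of the device identified by the bearer token.

    The token is read from the ``Authorization`` request header. When no
    device matches, or no token was sent, an empty JSON object is returned.
    """
    header = request.headers.get('Authorization', '')
    # Strip only a leading scheme marker; str.replace() would also delete
    # any "Bearer " that occurs later in the header value.
    api = header[len("Bearer "):] if header.startswith("Bearer ") else header
    # Do not look up an empty credential, so a stored record with a blank
    # token can never be returned to an unauthenticated caller.
    record = DEVICES.get_device_by_token(api) if api else None
    # NOTE(review): no expiry check happens in this function, and the
    # serialized record may carry the device's token fields. Confirm that
    # authorization is enforced outside this view (e.g. by a decorator not
    # shown here) and that model_to_dict() does not expose more than the
    # caller should see.
    result = model_to_dict(record) if record is not None else {}
    return nice_json(result)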
Beispiel #3
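def token():
    """Rotate a device's tokens when it presents its current refresh token.

    The credential is read from the ``Authorization`` request header.

    Returns:
        A 401 ``Response`` when no device matches the credential or when the
        credential is not that device's refresh token; otherwise the JSON
        form of the device after new access and refresh tokens were stored.
    """
    header = request.headers.get('Authorization', '')
    # Strip only a leading scheme marker; str.replace() would also delete
    # any "Bearer " that occurs later in the header value.
    api = header[len("Bearer "):] if header.startswith("Bearer ") else header
    # An empty credential is rejected before the lookup so that it can never
    # match a record whose stored tokens are blank.
    device = DEVICES.get_device_by_token(api) if api else None
    if not device:
        # NOTE(review): the challenge advertises the Basic scheme although a
        # Bearer token is read above; left unchanged because clients may
        # depend on the exact header value.
        return Response(
            'Could not verify your access level for that URL.\n'
            'You have to authenticate with proper credentials', 401,
            {'WWW-Authenticate': 'Basic realm="NOT PAIRED"'})
    # Only the refresh token may be exchanged for new tokens; an access
    # token that merely identifies the device is not sufficient.
    if device.refreshToken is None or device.refreshToken != api:
        return Response(
            'Could not verify your access level for that URL.\n'
            'You have to authenticate with proper credentials', 401,
            {'WWW-Authenticate': 'Basic realm="BAD REFRESH CODE"'})
    # NOTE(review): gen_api() is not visible here - confirm it draws from a
    # cryptographically secure source (e.g. the secrets module).
    access_token = gen_api()
    new_refresh_token = gen_api()

    # 72000 seconds = 20 hours of validity for the new access token.
    DEVICES.add_device(uuid=device.uuid,
                       expires_at=time.time() + 72000,
                       accessToken=access_token,
                       refreshToken=new_refresh_token)

    # Re-read the record by its new access token so the response reflects
    # the rotated tokens rather than the object fetched before rotation;
    # fall back to that object if the lookup returns nothing.
    refreshed = DEVICES.get_device_by_token(access_token) or device
    return nice_json(model_to_dict(refreshed))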