def test_decode_auth_token(self):
user = User(
email='*****@*****.**',
password='******',
registered_on=datetime.datetime.utcnow()
)
db.session.add(user)
db.session.commit()
auth_token = user.encode_access_token()
self.assertTrue(isinstance(auth_token, bytes))
self.assertTrue(User.decode_access_token(auth_token.decode("utf-8")).value.get('public_id') == user.public_id)
def check_access_token(admin_only=False):
token = request.headers.get("Authorization")
if not token:
raise ApiUnauthorized(description="Unauthorized",
admin_only=admin_only)
result = User.decode_access_token(token)
if result.failure:
raise ApiUnauthorized(
description=result.error,
admin_only=admin_only,
error="invalid_token",
error_description=result.error,
)
return result.value