def check_auth(api_key): """This function is called to check if a api key is valid.""" device = DEVICES.get_device_by_token(api_key) if not device: return False if device.expires_at < time.time(): return False return True
def device(): api = request.headers.get('Authorization', '').replace("Bearer ", "") device = DEVICES.get_device_by_token(api) if device is not None: result = model_to_dict(device) else: result = {} return nice_json(result)
def token(): api = request.headers.get('Authorization', '').replace("Bearer ", "") device = DEVICES.get_device_by_token(api) if not device: return Response( 'Could not verify your access level for that URL.\n' 'You have to authenticate with proper credentials', 401, {'WWW-Authenticate': 'Basic realm="NOT PAIRED"'}) # token to refresh expired token if device.refreshToken is None or device.refreshToken != api: return Response( 'Could not verify your access level for that URL.\n' 'You have to authenticate with proper credentials', 401, {'WWW-Authenticate': 'Basic realm="BAD REFRESH CODE"'}) # new tokens to access access_token = gen_api() new_refresh_token = gen_api() DEVICES.add_device(uuid=device.uuid, expires_at=time.time() + 72000, accessToken=access_token, refreshToken=new_refresh_token) return nice_json(model_to_dict(device))