Exemple #1
0
def check_auth(api_key):
    """This function is called to check if a api key is valid."""
    device = DEVICES.get_device_by_token(api_key)
    if not device:
        return False
    if device.expires_at < time.time():
        return False
    return True
Exemple #2
0
def device():
    api = request.headers.get('Authorization', '').replace("Bearer ", "")
    device = DEVICES.get_device_by_token(api)
    if device is not None:
        result = model_to_dict(device)
    else:
        result = {}
    return nice_json(result)
Exemple #3
0
def token():
    api = request.headers.get('Authorization', '').replace("Bearer ", "")
    device = DEVICES.get_device_by_token(api)
    if not device:
        return Response(
            'Could not verify your access level for that URL.\n'
            'You have to authenticate with proper credentials', 401,
            {'WWW-Authenticate': 'Basic realm="NOT PAIRED"'})
    # token to refresh expired token
    if device.refreshToken is None or device.refreshToken != api:
        return Response(
            'Could not verify your access level for that URL.\n'
            'You have to authenticate with proper credentials', 401,
            {'WWW-Authenticate': 'Basic realm="BAD REFRESH CODE"'})
    # new tokens to access
    access_token = gen_api()
    new_refresh_token = gen_api()

    DEVICES.add_device(uuid=device.uuid,
                       expires_at=time.time() + 72000,
                       accessToken=access_token,
                       refreshToken=new_refresh_token)

    return nice_json(model_to_dict(device))