def check_auth_token(request, nickname: str, token: str) -> bool:
log.info("[API] Login attempt from user {}".format(nickname))
if is_api_token(token):
if check_api_token(token):
request.validated['user'] = get_user_by_case_insensitive_nickname(nickname)
request.validated['auth-by-api-token'] = True
return True
else:
add_error(request, "Invalid token", status_code=401, location="header")
return False
return check_jwt(request, token) and check_not_temporary_token(request)
def test_fail_check(self):
token = "hglug8o7aug458oghag8o7h5o87gao87ha47z" # contains non hex symbols
self.assertFalse(admin.check_api_token(token))
def test_generate_check(self):
token = admin.generate_application_token("test")
self.assertTrue(admin.check_api_token(token))