Пример #1
0
def require_login(request):
    print(request.headers)
    authorization = request.headers.get('Authorization', '')
    if not authorization:
        log.error('No authorization header')
        raise web.HTTPForbidden()
    print('authorization', authorization)
    bearer = 'bearer '
    if not authorization.lower().startswith(bearer):
        log.error('Authorization header does not start with bearer: {0}'.format(authorization))
        raise web.HTTPForbidden()
    authorization = authorization[len(bearer):]
    try:
        jwt = jwt_decode(authorization)
    except InvalidTokenError as err:
        log.error('JWT is invalid: {0}'.format(err))
        raise web.HTTPForbidden()