def get_identity(b64token, cursor=None): if cursor is None: cursor = database.get_db().cursor() rows = cursor.execute(''' SELECT user.id AS user_id, user.permissions AS user_permissions, patch_request.id AS patch_request_id, strftime("%s","now") > token_expires_at AS token_expired FROM user LEFT JOIN patch_request ON user.id = patch_request.created_by AND patch_request.open = 1 WHERE user.b64token = ?''', (b64token,)).fetchall() if not rows: return UnauthenticatedIdentity( 'invalid_token', 'The access token is invalid') if rows[0]['token_expired']: return UnauthenticatedIdentity( 'invalid_token', 'The access token expired') identity = Identity(rows[0]['user_id'], auth_type='bearer') identity.b64token = b64token for p in json.loads(rows[0]['user_permissions']): identity.provides.add(tuple(p)) for r in rows: if r['patch_request_id'] is not None: identity.provides.add(UpdatePatchNeed(value=r['patch_request_id'])) return identity