示例#1
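    def load_session_id(token):
        """Resolve a flask-login identity token back into a ``User``.

        Described by the original author as the opposite of ``get_id``; the
        token is parsed as ``"<user_id>-<session_id>"``.

        Args:
            token: identity string handed back by flask-login.

        Returns:
            The ``User`` with its session id set, or ``None`` when the token
            is malformed, the session does not validate, or no user row is
            found for the id.
        """
        # used exclusively by flask-login
        # NOTE(review): nothing in this function checks a signature, so the
        # session id is the only proof of identity. Confirm that session ids
        # are long, random values and that validate_session compares them
        # against server-side state.
        try:
            user_id, session_id = token.split("-")
        except (AttributeError, TypeError, ValueError):
            # Not a str (None, bytes, ...) or not exactly two "-"-separated
            # parts. Catching only these keeps KeyboardInterrupt/SystemExit
            # from being swallowed, which the former bare ``except`` did.
            return None

        if not user_id or not session_id:
            return None

        if not SessionCache.validate_session(user_id, session_id):
            return None

        user = User.query.get(user_id)
        if user is None:
            # A cached session can outlive its account; fail closed instead
            # of raising AttributeError in the authentication path.
            return None

        user.set_session_id(session_id)
        return user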
示例#2
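    def load_session_token(token):
        """Load the user referenced by a signed cookie session token.

        The token is decoded with a ``Serializer`` keyed by the application's
        ``SECRET_KEY`` and configured with ``SESSION_EXPIRATION``. The payload
        must carry ``user_id`` and ``session_id``.

        Args:
            token: serialized cookie value.

        Returns:
            The ``User`` with its session id set, or ``None`` when the token
            cannot be decoded, the payload is incomplete, the session does
            not validate, or no user row is found.
        """
        s = Serializer(current_app.config["SECRET_KEY"],
                       current_app.config.get("SESSION_EXPIRATION"))
        try:
            data = s.loads(token)
        except Exception:
            # Any decode/signature failure means "no session". Unlike the
            # former bare ``except``, this lets KeyboardInterrupt and
            # SystemExit propagate.
            return None

        if not isinstance(data, dict):
            return None

        user_id = data.get("user_id")
        session_id = data.get("session_id")
        if user_id is None or session_id is None:
            # Reject incomplete payloads outright rather than validating
            # placeholder values and indexing the missing key afterwards.
            return None

        if not SessionCache.validate_session(user_id, session_id):
            return None

        user = User.query.get(user_id)
        if user is None:
            # The session may outlive the account; fail closed instead of
            # raising AttributeError while authenticating the request.
            return None

        user.set_session_id(session_id)
        # The session id is what validate_session accepts as proof of the
        # session, so it is kept out of the log; only the user id is logged.
        current_app.logger.debug("Loading user %s from cookie session",
                                 user.id)
        return user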
示例#3
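    def verify_api_token(token):
        """Validate an API token (from single page apps) and load its user.

        The token is decoded with a ``Serializer`` keyed by the application's
        ``SECRET_KEY``; the payload must carry non-empty ``id`` and
        ``session_id`` values.

        Args:
            token: serialized API token supplied by the client.

        Returns:
            The ``User`` with its session id set, or ``None`` when the token
            cannot be decoded, the payload is incomplete, the session does
            not validate, or no user row is found.
        """
        # NOTE(review): the original docstring calls this token time-based,
        # but no expiry is passed here, so the lifetime is whatever the
        # Serializer defaults to. Confirm that matches the intended lifetime.
        # NOTE(review): no salt is passed either. If other token types are
        # signed with SECRET_KEY, confirm they cannot be replayed here.
        s = Serializer(current_app.config["SECRET_KEY"])
        try:
            data = s.loads(token)
        except Exception:
            # Any decode/signature failure means "not authenticated". Unlike
            # the former bare ``except``, KeyboardInterrupt and SystemExit
            # still propagate.
            return None

        if not isinstance(data, dict):
            return None

        user_id = data.get("id")
        session_id = data.get("session_id")
        if not user_id or not session_id:
            return None

        if not SessionCache.validate_session(user_id, session_id):
            return None

        user = User.query.get(user_id)
        if user is None:
            return None

        user.set_session_id(session_id)
        return user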