def post(self):
supplied_token = self.get_body_argument("token")
match = TokenValidate.validator.match(supplied_token)
if not match:
return self.error(((1, "Token format not recognized"),))
sess = Session()
token_name = match.group("token_name")
token_secret = match.group("token_secret")
username = match.group("name")
token = UserToken.get_by_value(sess, username, token_name)
if token is None:
return self.error(((2, "Token specified does not exist"),))
if not token.enabled:
return self.error(((3, "Token is disabled"),))
if not token.check_secret(token_secret):
return self.error(((4, "Token secret mismatch"),))
return self.success({
"owner": username,
"identity": str(token),
"act_as_owner": True,
"valid": True,
})
