Take into account expiration for AuthCode and OauthToken
This commit is contained in:
parent
2693ba5838
commit
3a0f0ca780
@ -47,6 +47,11 @@ def token():
|
||||
auth_code: AuthorizationCode = AuthorizationCode.filter_by(code=code).first()
|
||||
if not auth_code:
|
||||
return jsonify(error=f"no such authorization code {code}"), 400
|
||||
elif auth_code.is_expired():
|
||||
AuthorizationCode.delete(auth_code.id)
|
||||
db.session.commit()
|
||||
LOG.d("delete expired authorization code:%s", auth_code)
|
||||
return jsonify(error=f"{code} already expired"), 400
|
||||
|
||||
if auth_code.client_id != client.id:
|
||||
return jsonify(error=f"are you sure this code belongs to you?"), 400
|
||||
|
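Review bot: The new `elif auth_code.is_expired():` branch runs before the ownership check `if auth_code.client_id != client.id:`, so any authenticated client can trigger the delete-and-commit of another client's code and, together with the three distinct error strings (unknown, expired, not yours), can probe whether an arbitrary code exists and in what state it is; checking `auth_code.client_id != client.id` before `auth_code.is_expired()` and collapsing the unknown/not-yours cases into one generic message closes that oracle. `LOG.d("delete expired authorization code:%s", auth_code)` formats the whole model object, so unless AuthorizationCode's repr is known to omit the `code` column the secret ends up in the log; logging `auth_code.id` is enough to trace the deletion. The same applies to `LOG.d("delete oauth token %s", oauth_token)` in the user_info hunk, where the repr may include the bearer token. The body of token() starts before this hunk.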
@ -1,6 +1,8 @@
|
||||
from flask import request, jsonify
|
||||
from flask_cors import cross_origin
|
||||
|
||||
from app.extensions import db
|
||||
from app.log import LOG
|
||||
from app.models import OauthToken, ClientUser
|
||||
from app.oauth.base import oauth_bp
|
||||
|
||||
@ -22,6 +24,11 @@ def user_info():
|
||||
oauth_token: OauthToken = OauthToken.get_by(access_token=access_token)
|
||||
if not oauth_token:
|
||||
return jsonify(error="Invalid access token"), 400
|
||||
elif oauth_token.is_expired():
|
||||
LOG.d("delete oauth token %s", oauth_token)
|
||||
OauthToken.delete(oauth_token.id)
|
||||
db.session.commit()
|
||||
return jsonify(error="Expired access token"), 400
|
||||
|
||||
client_user = ClientUser.get_or_create(
|
||||
client_id=oauth_token.client_id, user_id=oauth_token.user_id
|
||||
|
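Review bot: The new expired branch returns `jsonify(error="Expired access token"), 400`, consistent with the existing 400 for an invalid token, but this is a bearer-token resource endpoint and RFC 6750 §3.1 specifies 401 with a `WWW-Authenticate: Bearer error="invalid_token"` header for an expired or invalid token, which lets clients tell a token problem from a malformed request; if the rest of the file permits, both lines should change together. It is also not visible here whether `OauthToken.delete(oauth_token.id)` commits on its own; if it does, the following `db.session.commit()` is redundant, and if it does not, the two calls should stay adjacent as they are. The body of user_info() starts before this hunk.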