verify audience in jwt

This commit is contained in:
Matthieu Lamalle 2020-01-30 15:46:18 +01:00
parent ae6dfb2644
commit 424273360d
1 changed files with 1 additions and 3 deletions

View File

@ -193,7 +193,6 @@ def gen_token(auth):
'iss': issuer,
'aud': audience
}
token = jwt.encode(payload, secret, algorithm='HS256')
return token
@ -210,8 +209,7 @@ def access_token(request):
token = jwt.encode(decoded, secret, algorithm='HS256')
return Response(text=str(token.decode('utf-8')))
else:
return HTTPUnauthorized(reason='Token could not be refreshed')
return True
return HTTPUnauthorized(reason='Token could not be verified')
def verify_token(token):
secret = get_config()['jwt']['secret']