From d0776e910e938bbacccb7450ea71b2375a108fe0 Mon Sep 17 00:00:00 2001 From: Daniel McKnight Date: Mon, 11 Nov 2024 19:09:10 -0800 Subject: [PATCH] Update token auth handling to use HanaToken model instead of encoded string --- neon_users_service/service.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/neon_users_service/service.py b/neon_users_service/service.py index c31beaf..4d88c00 100644 --- a/neon_users_service/service.py +++ b/neon_users_service/service.py @@ -4,6 +4,8 @@ from copy import copy from typing import Optional from ovos_config import Configuration + +from neon_data_models.models.api.jwt import HanaToken from neon_users_service.databases import UserDatabase from neon_users_service.exceptions import (ConfigurationError, AuthenticationError, @@ -58,11 +60,11 @@ def create_user(self, user: User) -> User: return self.database.create_user(user) def _read_user(self, user_spec: str, password: Optional[str] = None, - auth_token: Optional[str] = None) -> User: + auth_token: Optional[HanaToken] = None) -> User: user = self.database.read_user(user_spec) if password and self._ensure_hashed(password) == user.password_hash: return user - elif auth_token and any((tok.access_token == auth_token + elif auth_token and any((tok.jti == f"{auth_token.jti}.refresh" for tok in user.tokens)): return user else: @@ -82,7 +84,7 @@ def read_unauthenticated_user(self, user_spec: str) -> User: def read_authenticated_user(self, username: str, password: Optional[str] = None, - auth_token: Optional[str] = None) -> User: + auth_token: Optional[HanaToken] = None) -> User: """ Helper to get a user from the database, only if the requested username and password match a database entry.