support list of tokens in ws_token

2022-09-21 16:02:21 -06:00 · 2022-09-21 16:02:21 -06:00 · 128b117af6
parent 0811bca8b4
commit 128b117af6
2 changed files with 13 additions and 4 deletions
--- a/freqtrade/constants.py
+++ b/freqtrade/constants.py
@ -401,7 +401,7 @@ CONF_SCHEMA = {
                },
                'username': {'type': 'string'},
                'password': {'type': 'string'},
-                'ws_token': {'type': 'string'},
+                'ws_token': {'type': ['string', 'array'], 'items': {'type': 'string'}},
                'jwt_secret_key': {'type': 'string'},
                'CORS_origins': {'type': 'array', 'items': {'type': 'string'}},
                'verbosity': {'type': 'string', 'enum': ['error', 'info']},
--- a/freqtrade/rpc/api_server/api_auth.py
+++ b/freqtrade/rpc/api_server/api_auth.py
@ -59,9 +59,18 @@ async def validate_ws_token(
    secret_ws_token = api_config.get('ws_token', None)
    secret_jwt_key = api_config.get('jwt_secret_key', 'super-secret')

-    if ws_token and secret_ws_token and secrets.compare_digest(secret_ws_token, ws_token):
-        # Just return the token if it matches
-        return ws_token
+    if ws_token and secret_ws_token:
+        is_valid_ws_token = False
+        if isinstance(secret_ws_token, str):
+            is_valid_ws_token = secrets.compare_digest(secret_ws_token, ws_token)
+        elif isinstance(secret_ws_token, list):
+            is_valid_ws_token = any([
+                secrets.compare_digest(potential, ws_token)
+                for potential in secret_ws_token
+            ])
+
+        if is_valid_ws_token:
+            return ws_token
    else:
        try:
            user = get_user_from_token(ws_token, secret_jwt_key)