support list of tokens in ws_token
This commit is contained in:
parent
0811bca8b4
commit
128b117af6
@ -401,7 +401,7 @@ CONF_SCHEMA = {
|
|||||||
},
|
},
|
||||||
'username': {'type': 'string'},
|
'username': {'type': 'string'},
|
||||||
'password': {'type': 'string'},
|
'password': {'type': 'string'},
|
||||||
'ws_token': {'type': 'string'},
|
'ws_token': {'type': ['string', 'array'], 'items': {'type': 'string'}},
|
||||||
'jwt_secret_key': {'type': 'string'},
|
'jwt_secret_key': {'type': 'string'},
|
||||||
'CORS_origins': {'type': 'array', 'items': {'type': 'string'}},
|
'CORS_origins': {'type': 'array', 'items': {'type': 'string'}},
|
||||||
'verbosity': {'type': 'string', 'enum': ['error', 'info']},
|
'verbosity': {'type': 'string', 'enum': ['error', 'info']},
|
||||||
|
@ -59,8 +59,17 @@ async def validate_ws_token(
|
|||||||
secret_ws_token = api_config.get('ws_token', None)
|
secret_ws_token = api_config.get('ws_token', None)
|
||||||
secret_jwt_key = api_config.get('jwt_secret_key', 'super-secret')
|
secret_jwt_key = api_config.get('jwt_secret_key', 'super-secret')
|
||||||
|
|
||||||
if ws_token and secret_ws_token and secrets.compare_digest(secret_ws_token, ws_token):
|
if ws_token and secret_ws_token:
|
||||||
# Just return the token if it matches
|
is_valid_ws_token = False
|
||||||
|
if isinstance(secret_ws_token, str):
|
||||||
|
is_valid_ws_token = secrets.compare_digest(secret_ws_token, ws_token)
|
||||||
|
elif isinstance(secret_ws_token, list):
|
||||||
|
is_valid_ws_token = any([
|
||||||
|
secrets.compare_digest(potential, ws_token)
|
||||||
|
for potential in secret_ws_token
|
||||||
|
])
|
||||||
|
|
||||||
|
if is_valid_ws_token:
|
||||||
return ws_token
|
return ws_token
|
||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
|
Loading…
Reference in New Issue
Block a user