support list of tokens in ws_token

This commit is contained in:
Timothy Pogue 2022-09-21 16:02:21 -06:00
parent 0811bca8b4
commit 128b117af6
2 changed files with 13 additions and 4 deletions

View File

@ -401,7 +401,7 @@ CONF_SCHEMA = {
}, },
'username': {'type': 'string'}, 'username': {'type': 'string'},
'password': {'type': 'string'}, 'password': {'type': 'string'},
'ws_token': {'type': 'string'}, 'ws_token': {'type': ['string', 'array'], 'items': {'type': 'string'}},
'jwt_secret_key': {'type': 'string'}, 'jwt_secret_key': {'type': 'string'},
'CORS_origins': {'type': 'array', 'items': {'type': 'string'}}, 'CORS_origins': {'type': 'array', 'items': {'type': 'string'}},
'verbosity': {'type': 'string', 'enum': ['error', 'info']}, 'verbosity': {'type': 'string', 'enum': ['error', 'info']},

View File

@ -59,9 +59,18 @@ async def validate_ws_token(
secret_ws_token = api_config.get('ws_token', None) secret_ws_token = api_config.get('ws_token', None)
secret_jwt_key = api_config.get('jwt_secret_key', 'super-secret') secret_jwt_key = api_config.get('jwt_secret_key', 'super-secret')
if ws_token and secret_ws_token and secrets.compare_digest(secret_ws_token, ws_token): if ws_token and secret_ws_token:
# Just return the token if it matches is_valid_ws_token = False
return ws_token if isinstance(secret_ws_token, str):
is_valid_ws_token = secrets.compare_digest(secret_ws_token, ws_token)
elif isinstance(secret_ws_token, list):
is_valid_ws_token = any([
secrets.compare_digest(potential, ws_token)
for potential in secret_ws_token
])
if is_valid_ws_token:
return ws_token
else: else:
try: try:
user = get_user_from_token(ws_token, secret_jwt_key) user = get_user_from_token(ws_token, secret_jwt_key)