This commit is contained in:
Carneiro 2023-10-05 07:36:46 -03:00
parent 8ed1a5e3d4
commit 23a278e47d
2 changed files with 28 additions and 18 deletions

View File

@ -1,5 +1,5 @@
import time import time
import jwt import jwt as jwtlib
from stream_auth import settings from stream_auth import settings
@ -15,24 +15,24 @@ JWT_PUB_KEY = read_key(settings.JWT_PUB_PATH)
def create_stream_key(username: str): def create_stream_key(username: str):
payload = {'username': username} payload = {'username': username}
return jwt.encode(payload, JWT_PRIV_KEY, algorithm="RS256") return jwtlib.encode(payload, JWT_PRIV_KEY, algorithm="RS256")
def create_token(username: str, stream_key: str, exp: int = settings.JWT_EXP_TIME): def create_token(username: str, stream_key: str, exp: int = settings.JWT_EXP_TIME):
exp = time.time() + exp exp = time.time() + exp
payload = {'username': username, 'stream_key': stream_key, 'exp': exp} payload = {'username': username, 'stream_key': stream_key, 'exp': exp}
return jwt.encode(payload, JWT_PRIV_KEY, algorithm="RS256") return jwtlib.encode(payload, JWT_PRIV_KEY, algorithm="RS256")
def verify(token: str): def verify(token: str):
jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"]) # return jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
# try: try:
# jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"]) jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])
# except (jwt.exceptions.ExpiredSignatureError, jwt.InvalidTokenError): except (jwtlib.exceptions.ExpiredSignatureError, jwt.InvalidTokenError):
# return False return False
return True return True
def decode_token(token: str): def decode_token(token: str):
return jwt.decode(token, JWT_PUB_KEY, algorithms=["RS256"]) return jwtlib.decode(token, JWT_PUB_KEY, algorithms=["RS256"])

View File

@ -22,23 +22,33 @@ def create_stream():
StreamModel(username, title, description) StreamModel(username, title, description)
@stream.route('/publish_check', methods=['POST']) @stream.route('/publish_check')
def publish_check(): def publish_check():
# TODO: check if user created stream # TODO: check if user created stream
# get user # get user
try: stream_key = request.args.get('stream_key')
stream_key = request.form.get('stream_key')
print(stream_key)
username = request.form.get('name') username = request.form.get('name')
try:
stream_user = user.search_user(username)[0] stream_user = user.search_user(username)[0]
if username != stream_user['username']:
raise ValueError
except (IndexError): if username != stream_user['username'] or not jwt.verify(stream_key):
print('vish') raise ValueError('Invalid Token')
except (IndexError, ValueError):
return Response('Invalid Stream Key', 401) return Response('Invalid Stream Key', 401)
jwt.verify(stream_key)
return Response('OK', 200) return Response('OK', 200)
@stream.route('/test')
def test():
stream_key = request.args.get('stream_key')
if jwt.verify(stream_key):
return Response('OK', 200)
return Response('Invalid Stream Key', 401)
# jwt.verify(stream_key)