diff --git a/.gitignore b/.gitignore
index 5ce2a70..996f9f7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ playground*
 dist
 docs/build
+venv/
diff --git a/colibris/authentication/jwt.py b/colibris/authentication/jwt.py
index 842a002..063463e 100644
--- a/colibris/authentication/jwt.py
+++ b/colibris/authentication/jwt.py
@@ -1,5 +1,4 @@
-import jwt
 import re
 import time
@@ -7,6 +6,12 @@ from .exceptions import AuthenticationException
 from .model import ModelBackend
+import jwt
+
+
+if jwt.__version__ < '2.0.0':
+ raise RuntimeError("The colibris project requires jwt > 2.0.0")
+
 _AUTH_HEADER = 'Authorization'
 _AUTH_TOKEN_REGEX = re.compile('Bearer (.+)', re.IGNORECASE)
@@ -47,7 +52,7 @@ def extract_auth_data(self, request):
 raise JWTException('missing token')
 try:
- jwt_decoded = jwt.decode(token, verify=False)
+ jwt_decoded = jwt.decode(token, options={"verify_signature": False})
 except jwt.DecodeError:
 raise JWTException('invalid token')
@@ -71,7 +76,7 @@ def verify_identity(self, request, account, auth_data):
 secret = self.get_secret(account)
 try:
- jwt.decode(auth_data['token'], key=secret, verify=True, algorithms=[JWT_ALG])
+ jwt.decode(auth_data['token'], key=secret, algorithms=[JWT_ALG])
 except jwt.InvalidSignatureError:
 raise JWTException('invalid signature')
@@ -100,7 +105,7 @@ def build_jwt(self, account):
 'exp': now + self.validity_seconds
 }
- return jwt.encode(algorithm=JWT_ALG, payload=token_claims, key=self.get_secret(account)).decode()
+ return jwt.encode(algorithm=JWT_ALG, payload=token_claims, key=self.get_secret(account))
 def process_response(self, request, response):
 response = super().process_response(request, response)
diff --git a/setup.py b/setup.py
index 87f5c96..fae453d 100644
--- a/setup.py
+++ b/setup.py
@@ -36,7 +36,7 @@ def find_version():
 'peewee>=3.9',
 'peewee-moves>=2.1.0,<3.0',
 'python-dotenv',
- 'webargs>=5.2.0,<6.0'
+ 'webargs>=5.2.0,<6.0',
 ],
 url='https://github.com/colibris-framework/colibris',
 license='BSD',
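Review bot: The new guard in colibris/authentication/jwt.py, `if jwt.__version__ < '2.0.0':`, compares version strings lexicographically, so a future PyJWT `10.0.0` sorts below `'2.0.0'` and would be rejected at import time. Compare parsed components instead, e.g. `if tuple(int(p) for p in jwt.__version__.split('.')[:2]) < (2, 0):`, and word the message as `requires PyJWT >= 2.0.0`, since the check accepts 2.0.0 itself. The setup.py hunk in this commit only adds a trailing comma; if `install_requires` (which starts outside that hunk) does not already pin `pyjwt>=2.0`, that is the better place to state the requirement.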
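Review bot: In `extract_auth_data`, the decode with `options={"verify_signature": False}` returns claims that nothing has authenticated yet, and the hunk carries no comment saying so. With PyJWT 2.x, switching off signature verification also turns off the `exp`/`nbf`/`aud` checks by default, so every field read from `jwt_decoded` is caller-controlled. I would add a comment above the call such as `# Unverified decode: claims are untrusted and only used to select the account; verify_identity() checks the signature`, and keep any authorization decision out of this function. The function body continues outside the hunk, so how `jwt_decoded` is used afterwards is not visible here.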
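Review bot: In `verify_identity`, the verified `jwt.decode(...)` call is followed in this hunk only by `except jwt.InvalidSignatureError`, yet the same call also validates `exp` (set in `build_jwt`) and raises `jwt.ExpiredSignatureError` or another `jwt.InvalidTokenError` subclass that this handler does not match. Unless a later handler outside the hunk covers them, an expired or otherwise invalid token escapes as an unhandled exception instead of a `JWTException`. Consider adding `except jwt.InvalidTokenError:` with `raise JWTException('invalid token')` after the existing handler. The explicit `algorithms=[JWT_ALG]` should stay, since PyJWT 2.x requires it when verifying.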