Merge pull request #139 from codebutler/develop

Use token_callback for checking tokens.
This commit is contained in:
Matt Wright
2013-07-24 07:01:29 -07:00
+4 -8
View File
@@ -53,21 +53,17 @@ def _check_token():
token = request.args.get(args_key, header_token)
if request.json:
token = request.json.get(args_key, token)
serializer = _security.remember_token_serializer
try:
data = serializer.loads(token)
except:
return False
user = _security.login_manager.token_callback(token)
user = _security.datastore.find_user(id=data[0])
if utils.md5(user.password) == data[1]:
if user and user.is_authenticated():
app = current_app._get_current_object()
_request_ctx_stack.top.user = user
identity_changed.send(app, identity=Identity(user.id))
return True
return False
def _check_http_auth():
auth = request.authorization or BasicAuth(username=None, password=None)