aji/authentication
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update logout to get jwt only from Bearer

Browse Source
This commit is contained in:
Dita Aji Pratama 2025-02-11 13:26:33 +07:00
parent a3dac61276
commit b6d5ee5848
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/api/auth.py
View File

@ -447,7 +447,15 @@ class auth:
APIADDR = "/api/auth/logout" APIADDR = "/api/auth/logout"
loggorilla.prcss(APIADDR, "Define parameters") loggorilla.prcss(APIADDR, "Define parameters")
response = {} response = {}
jwt = params["jwt" ] loggorilla.prcss(APIADDR, "Extract the token from Header")
auth_header = request.get_header('Authorization')
loggorilla.prcss(APIADDR, "Check the bearer")
if auth_header.split(' ')[0] == 'Bearer':
loggorilla.fyinf(APIADDR, "Use bearer")
jwt = auth_header.split(' ')[1]
else:
loggorilla.fyinf(APIADDR, "Not use bearer")
jwt = None
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public']) payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
session_id = payload["session"]["id"] session_id = payload["session"]["id"]
self.cursor.execute("BEGIN;") self.cursor.execute("BEGIN;")