web/flask-home-vod
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Media-Token beside access token

Browse source 
Media-Token can be used only to access the content, but unable to modify user data
This commit is contained in:
Gergely Hegedus 2023-03-27 19:07:29 +03:00
parent 0a71a6c840
commit 1f06c40c4c
31 changed files with 516 additions and 762 deletions
Download patch file Download diff file Expand all files Collapse all files

16
server/flask/application/backend/media_access_requests.py Normal file
View file

@ -0,0 +1,16 @@
from flask import request, jsonify
from .require_decorators import get_cropped_token
from .data.data_models import ResponseCode
from .data import dao_session
from .data import dao_users
def handle_has_media_access():
media_token = get_cropped_token(request.headers.get('Media-Authorization'))
if (media_token is None):
errorResponse = jsonify({'message':'Missing Authorization!','code':ResponseCode.MISSING_MEDIA_AUTHORIZATION})
return errorResponse, 401
user_id = dao_session.get_user_for_media_token(media_token=media_token)
if (user_id is None):
errorResponse = jsonify({'message':'Invalid Authorization!','code':ResponseCode.INVALID_MEDIA_AUTHORIZATION})
return errorResponse, 401
return jsonify({'message':'Access Granted','code': ResponseCode.SUCCESS_MEDIA_ACCESS}), 200