Nirodan
955bc9a7bf
- auth/login.py: guard against missing JSON body (get_json silent=True, empty-string check) - app.py: replace infinite redirect with 404 for unknown /api/* and /setup/* paths - tools/jwtdecoder.py: add algorithms list to jwt.decode() for PyJWT 2.x compatibility - util/setup_routes.py: call reset_pool() after save_config() so pool re-initialises with new DB credentials - util/logger.py: set ERROR level on error.log handler so it no longer receives INFO/WARNING messages - LoginForm.jsx: remove dead navigate() call that was immediately overridden by window.location.href - main.jsx: remove base.css, dark.css, light.css that were already imported in App.jsx (duplicate imports) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
30 lines
1.1 KiB
Python
30 lines
1.1 KiB
Python
from flask import Blueprint, request, jsonify
|
|
import jwt
|
|
from datetime import datetime, timezone
|
|
from util.logger import logger
|
|
from auth.token import verify_token
|
|
|
|
jwt_decoder_blueprint = Blueprint('jwt_decoder_tool', __name__)
|
|
|
|
|
|
@jwt_decoder_blueprint.route('/api/jwt/decode', methods=['POST'])
|
|
def decode_jwt():
|
|
user = verify_token()
|
|
if not user:
|
|
return jsonify({"message": "Nicht autorisiert"}), 401
|
|
try:
|
|
data = request.get_json()
|
|
token = data.get("token", "").strip()
|
|
header = jwt.get_unverified_header(token)
|
|
payload = jwt.decode(token, options={"verify_signature": False}, algorithms=["HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512"])
|
|
|
|
expired = False
|
|
if "exp" in payload:
|
|
expired = payload["exp"] < datetime.now(timezone.utc).timestamp()
|
|
|
|
logger.info(f"JWT dekodiert von {user['username']}")
|
|
return jsonify({"header": header, "payload": payload, "expired": expired})
|
|
except Exception as e:
|
|
logger.error(f"Fehler JWT decode: {e}")
|
|
return jsonify({"message": "Ungültiger JWT Token"}), 400
|