Nirodan
23 lines
744 B
Python
23 lines
744 B
Python
from flask import request
|
|
from jwt import decode, ExpiredSignatureError, InvalidTokenError
|
|
from util.logger import logger
|
|
|
|
SECRET_KEY = "bitte_hier_dein_geheimes_passwort_setzen" # später .env verwenden
|
|
|
|
def verify_token():
|
|
auth_header = request.headers.get("Authorization", "")
|
|
if not auth_header.startswith("Bearer "):
|
|
logger.warning("🔐 Invalid Bearer header")
|
|
return None
|
|
|
|
token = auth_header.replace("Bearer ", "")
|
|
try:
|
|
decoded = decode(token, SECRET_KEY, algorithms=["HS256"])
|
|
return decoded
|
|
except ExpiredSignatureError:
|
|
logger.warning("🔐 Token expired")
|
|
return None
|
|
except InvalidTokenError:
|
|
logger.warning("🔐 Invalid token")
|
|
return None
|