only consider non expired tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
94ffb224e3
commit
713f8d6a19
|
@ -18,7 +18,7 @@ class MobileDeviceTokenAuthentication(BaseAuthentication):
|
|||
"""Token-based authentication using HTTP Bearer authentication"""
|
||||
auth = get_authorization_header(request)
|
||||
raw_token = validate_auth(auth)
|
||||
device_token: MobileDeviceToken = MobileDeviceToken.objects.filter(token=raw_token).first()
|
||||
device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(token=raw_token).first()
|
||||
if not device_token:
|
||||
return None
|
||||
CTX_AUTH_VIA.set("mobile_token")
|
||||
|
|
Reference in New Issue