only consider non expired tokens

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-10-05 20:05:08 +02:00
parent 94ffb224e3
commit 713f8d6a19
No known key found for this signature in database
1 changed files with 1 additions and 1 deletions

View File

@ -18,7 +18,7 @@ class MobileDeviceTokenAuthentication(BaseAuthentication):
"""Token-based authentication using HTTP Bearer authentication"""
auth = get_authorization_header(request)
raw_token = validate_auth(auth)
device_token: MobileDeviceToken = MobileDeviceToken.objects.filter(token=raw_token).first()
device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(token=raw_token).first()
if not device_token:
return None
CTX_AUTH_VIA.set("mobile_token")