only consider non expired tokens
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
94ffb224e3
commit
713f8d6a19
|
@ -18,7 +18,7 @@ class MobileDeviceTokenAuthentication(BaseAuthentication):
|
||||||
"""Token-based authentication using HTTP Bearer authentication"""
|
"""Token-based authentication using HTTP Bearer authentication"""
|
||||||
auth = get_authorization_header(request)
|
auth = get_authorization_header(request)
|
||||||
raw_token = validate_auth(auth)
|
raw_token = validate_auth(auth)
|
||||||
device_token: MobileDeviceToken = MobileDeviceToken.objects.filter(token=raw_token).first()
|
device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(token=raw_token).first()
|
||||||
if not device_token:
|
if not device_token:
|
||||||
return None
|
return None
|
||||||
CTX_AUTH_VIA.set("mobile_token")
|
CTX_AUTH_VIA.set("mobile_token")
|
||||||
|
|
Reference in New Issue