Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
version 4.0.1 (still) doesn't accept tokens created with version 3.4.5
See original GitHub issueThis is related to #461 that I thought I solved with pull request #463
I tried flask security 4.0.1 today, sending to it api tokens created with version 3.4.5, and endpoints decorated with
@flask_security.auth_token_required
failed to authenticate, returning
{
"meta": {
"code": 401
},
"response": {
"error": "You are not authenticated. Please supply the correct credentials."
}
}
In issue #461 I was advised to modify UserMixin.verify_auth_token to handle both old and new token formats. Putting some debugging statements into flask security, I noticed that while for successful calls using tokens made with 4.0.1 UserMixin.verify_auth_token gets called, with old tokens UserMixin.verify_auth_token doesn’t seem to get invoked.
Any chance there is some function earlier in the stack that also needs to be modified?
Issue Analytics
- State:
- Created 2 years ago
- Comments:7 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Thanks - that would be great - conftest.py sets up an endpoint for testing @auth_token_required - look at test_common::test_token_auth_via_header_valid_token
instead of just getting the auth_token from logging in - use the same code you did before to create a 3.4.5 compatible token.
Ah, silly me, I assumed that if I installed flask-security with setup.py, then tests would be run against system-wide flask-security, instead of code in working directory, but after some quick checks I see I was wrong. My bad!