jackc/slop-farmer-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

raise an appropriate exception when token auth fails

Browse Source
This commit is contained in:
Jack Case
2025-10-25 15:26:44 +00:00
parent ba4ea2d717
commit a4c783b2d9
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
slopserver/server.py
View File

@@ -96,8 +96,10 @@ def generate_auth_token(username):
return encoded_jwt return encoded_jwt
def verify_auth_token(token: str): def verify_auth_token(token: str):
token = jwt.decode(token, TOKEN_SECRET, ALGO, verify=True) try:
token = jwt.decode(token, TOKEN_SECRET, ALGO, audience="slopserver")
except:
raise HTTPException(status_code=401, detail="invalid access token")
@app.post("/report") @app.post("/report")
async def report_slop(report: SlopReport, bearer: Annotated[str, AfterValidator(verify_auth_token), Header()]): async def report_slop(report: SlopReport, bearer: Annotated[str, AfterValidator(verify_auth_token), Header()]):
@@ -142,7 +144,7 @@ async def altcha_challenge():
async def simple_login(username: Annotated[str, Form()], password: Annotated[str, Form()]): async def simple_login(username: Annotated[str, Form()], password: Annotated[str, Form()]):
user = auth_user(username, password, DB_ENGINE) user = auth_user(username, password, DB_ENGINE)
if not user: if not user:
raise HTTPException(status_code=400, detail="Incorrect username or password") raise HTTPException(status_code=401, detail="Incorrect username or password")
token = generate_auth_token(username) token = generate_auth_token(username)
return {"access_token": token, "token_type": "bearer"} return {"access_token": token, "token_type": "bearer"}