diff options
author | John Estabrook <jestabro@vyos.io> | 2022-11-21 14:06:23 -0600 |
---|---|---|
committer | John Estabrook <jestabro@vyos.io> | 2022-11-21 16:06:09 -0600 |
commit | 05b60b2dc6bd2187501b2583cdaa27a90c45b1d5 (patch) | |
tree | c1659a48884715c72341d857464c5b13e0a4faa5 /src/services/api | |
parent | d70350f356c8a0df79600f8863addce104b0eba4 (diff) | |
download | vyos-1x-05b60b2dc6bd2187501b2583cdaa27a90c45b1d5.tar.gz vyos-1x-05b60b2dc6bd2187501b2583cdaa27a90c45b1d5.zip |
graphql: T4574: add specific error message if token has expired
Catch expiration error and return error-specific message instead of
general 'not authenticated'.
Diffstat (limited to 'src/services/api')
-rw-r--r-- | src/services/api/graphql/graphql/mutations.py | 6 | ||||
-rw-r--r-- | src/services/api/graphql/graphql/queries.py | 6 | ||||
-rw-r--r-- | src/services/api/graphql/libs/token_auth.py | 3 |
3 files changed, 15 insertions, 0 deletions
diff --git a/src/services/api/graphql/graphql/mutations.py b/src/services/api/graphql/graphql/mutations.py index 31cb1afc4..87ea59c43 100644 --- a/src/services/api/graphql/graphql/mutations.py +++ b/src/services/api/graphql/graphql/mutations.py @@ -73,6 +73,12 @@ def make_mutation_resolver(mutation_name, class_name, session_func): info = kwargs['info'] user = info.context.get('user') if user is None: + error = info.context.get('error') + if error is not None: + return { + "success": False, + "errors": [error] + } return { "success": False, "errors": ['not authenticated'] diff --git a/src/services/api/graphql/graphql/queries.py b/src/services/api/graphql/graphql/queries.py index 3a88e3c80..1ad586428 100644 --- a/src/services/api/graphql/graphql/queries.py +++ b/src/services/api/graphql/graphql/queries.py @@ -73,6 +73,12 @@ def make_query_resolver(query_name, class_name, session_func): info = kwargs['info'] user = info.context.get('user') if user is None: + error = info.context.get('error') + if error is not None: + return { + "success": False, + "errors": [error] + } return { "success": False, "errors": ['not authenticated'] diff --git a/src/services/api/graphql/libs/token_auth.py b/src/services/api/graphql/libs/token_auth.py index 3ecd8b855..2100eba7f 100644 --- a/src/services/api/graphql/libs/token_auth.py +++ b/src/services/api/graphql/libs/token_auth.py @@ -54,6 +54,9 @@ def get_user_context(request): user_id: str = payload.get('sub') if user_id is None: return context + except jwt.exceptions.ExpiredSignatureError: + context['error'] = 'expired token' + return context except jwt.PyJWTError: return context try: |