summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJohn Estabrook <jestabro@vyos.io>2022-11-21 14:06:23 -0600
committerJohn Estabrook <jestabro@vyos.io>2022-11-21 16:06:09 -0600
commit05b60b2dc6bd2187501b2583cdaa27a90c45b1d5 (patch)
treec1659a48884715c72341d857464c5b13e0a4faa5 /src
parentd70350f356c8a0df79600f8863addce104b0eba4 (diff)
downloadvyos-1x-05b60b2dc6bd2187501b2583cdaa27a90c45b1d5.tar.gz
vyos-1x-05b60b2dc6bd2187501b2583cdaa27a90c45b1d5.zip
graphql: T4574: add specific error message if token has expired
Catch expiration error and return error-specific message instead of general 'not authenticated'.
Diffstat (limited to 'src')
-rw-r--r--src/services/api/graphql/graphql/mutations.py6
-rw-r--r--src/services/api/graphql/graphql/queries.py6
-rw-r--r--src/services/api/graphql/libs/token_auth.py3
3 files changed, 15 insertions, 0 deletions
diff --git a/src/services/api/graphql/graphql/mutations.py b/src/services/api/graphql/graphql/mutations.py
index 31cb1afc4..87ea59c43 100644
--- a/src/services/api/graphql/graphql/mutations.py
+++ b/src/services/api/graphql/graphql/mutations.py
@@ -73,6 +73,12 @@ def make_mutation_resolver(mutation_name, class_name, session_func):
info = kwargs['info']
user = info.context.get('user')
if user is None:
+ error = info.context.get('error')
+ if error is not None:
+ return {
+ "success": False,
+ "errors": [error]
+ }
return {
"success": False,
"errors": ['not authenticated']
diff --git a/src/services/api/graphql/graphql/queries.py b/src/services/api/graphql/graphql/queries.py
index 3a88e3c80..1ad586428 100644
--- a/src/services/api/graphql/graphql/queries.py
+++ b/src/services/api/graphql/graphql/queries.py
@@ -73,6 +73,12 @@ def make_query_resolver(query_name, class_name, session_func):
info = kwargs['info']
user = info.context.get('user')
if user is None:
+ error = info.context.get('error')
+ if error is not None:
+ return {
+ "success": False,
+ "errors": [error]
+ }
return {
"success": False,
"errors": ['not authenticated']
diff --git a/src/services/api/graphql/libs/token_auth.py b/src/services/api/graphql/libs/token_auth.py
index 3ecd8b855..2100eba7f 100644
--- a/src/services/api/graphql/libs/token_auth.py
+++ b/src/services/api/graphql/libs/token_auth.py
@@ -54,6 +54,9 @@ def get_user_context(request):
user_id: str = payload.get('sub')
if user_id is None:
return context
+ except jwt.exceptions.ExpiredSignatureError:
+ context['error'] = 'expired token'
+ return context
except jwt.PyJWTError:
return context
try: