SelfPrivacy/selfprivacy-rest-api
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git synced 2024-11-25 21:41:27 +00:00
Code Issues Projects Releases Wiki Activity

Allow using query params to fetch GraphQL

Browse source
This commit is contained in:
inexcode 2022-08-23 00:06:12 +04:00
parent aafc77dce3
commit ba434f4fb5
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
selfprivacy_api/graphql/__init__.py
View file

@ -13,8 +13,9 @@ class IsAuthenticated(BasePermission):
message = "You must be authenticated to access this resource."
def has_permission(self, source: typing.Any, info: Info, **kwargs) -> bool:
return is_token_valid(
info.context["request"]
.headers.get("Authorization", "")
.replace("Bearer ", "")
)
token = info.context["request"].headers.get("Authorization")
if token is None:
token = info.context["request"].query_params.get("token")
if token is None:
return False
return is_token_valid(token.replace("Bearer ", ""))