pypomes-jwt 1.1.6__py3-none-any.whl → 1.1.7__py3-none-any.whl

pypomes_jwt/jwt_pomes.py

@@ -38,6 +38,8 @@ def jwt_verify_request(request: Request) -> Response:
     """
     Verify whether the HTTP *request* has the proper authorization, as per the JWT standard.
 
+    This implementation assumes that HTTP requests are handled with the *Flask* framework.
+
     :param request: the *request* to be verified
     :return: *None* if the *request* is valid, otherwise a *Response* reporting the error
     """
@@ -47,15 +49,19 @@ def jwt_verify_request(request: Request) -> Response:
     # retrieve the authorization from the request header
     auth_header: str = request.headers.get("Authorization")
 
-    # was a 'Bearer' authorization obtained ?
+    # validate the authorization token
     bad_token: bool = True
     if auth_header and auth_header.startswith("Bearer "):
         # yes, extract and validate the JWT access token
         token: str = auth_header.split(" ")[1]
-        if jwt_validate_token(errors=None,
-                              nature="A",
-                              token=token):
-            bad_token = False
+        claims: dict[str, Any] = jwt_validate_token(errors=None,
+                                                    token=token,
+                                                    nature="A")
+        if claims:
+            login: str = request.values.get("login")
+            subject: str = claims["payload"].get("sub")
+            if not login or not subject or login == subject:
+                bad_token = False
 
     # deny the authorization
     if bad_token:

{pypomes_jwt-1.1.6.dist-info → pypomes_jwt-1.1.7.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pypomes_jwt
-Version: 1.1.6
+Version: 1.1.7
 Summary: A collection of Python pomes, penyeach (JWT module)
 Project-URL: Homepage, https://github.com/TheWiseCoder/PyPomes-JWT
 Project-URL: Bug Tracker, https://github.com/TheWiseCoder/PyPomes-JWT/issues
@@ -12,5 +12,5 @@ Classifier: Programming Language :: Python :: 3
 Requires-Python: >=3.12
 Requires-Dist: cryptography>=44.0.2
 Requires-Dist: pyjwt>=2.10.1
-Requires-Dist: pypomes-core>=2.0.4
+Requires-Dist: pypomes-core>=2.0.5
 Requires-Dist: pypomes-db>=2.1.1

pypomes_jwt-1.1.7.dist-info/RECORD

@@ -0,0 +1,8 @@
+pypomes_jwt/__init__.py,sha256=NZzjWKnhjxNuoE32V6soKo9sG5ypmt25V0mBAh3rAIs,793
+pypomes_jwt/jwt_config.py,sha256=mtihd58_O00FuFXcNBKsabftG6UHu3Cj24i6cZXoskc,3096
+pypomes_jwt/jwt_pomes.py,sha256=wplcnbC1RGgfJ1VlFpRVtSXTSRfthEjqGec7S1CWHis,23858
+pypomes_jwt/jwt_registry.py,sha256=Zfhv5bn53UcSPuPSHns4AVMv7izrzd75HPp5eId2dck,21993
+pypomes_jwt-1.1.7.dist-info/METADATA,sha256=I9h4WUglqMoy7a_1uwwnG9FPi4DosV9NVZ_O1afJD7Q,632
+pypomes_jwt-1.1.7.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+pypomes_jwt-1.1.7.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
+pypomes_jwt-1.1.7.dist-info/RECORD,,

pypomes_jwt-1.1.6.dist-info/RECORD

@@ -1,8 +0,0 @@
-pypomes_jwt/__init__.py,sha256=NZzjWKnhjxNuoE32V6soKo9sG5ypmt25V0mBAh3rAIs,793
-pypomes_jwt/jwt_config.py,sha256=mtihd58_O00FuFXcNBKsabftG6UHu3Cj24i6cZXoskc,3096
-pypomes_jwt/jwt_pomes.py,sha256=5d7xd0mCRbBZ65k0pMNeiF_UaZu5sfAojZDEs_wOT8Y,23509
-pypomes_jwt/jwt_registry.py,sha256=Zfhv5bn53UcSPuPSHns4AVMv7izrzd75HPp5eId2dck,21993
-pypomes_jwt-1.1.6.dist-info/METADATA,sha256=eTbk1Zi0snGQA9NAmmOW_pS0LwTWC5QFPNAYbu2LGNg,632
-pypomes_jwt-1.1.6.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-pypomes_jwt-1.1.6.dist-info/licenses/LICENSE,sha256=NdakochSXm_H_-DSL_x2JlRCkYikj3snYYvTwgR5d_c,1086
-pypomes_jwt-1.1.6.dist-info/RECORD,,