forked from SelfPrivacy/selfprivacy-rest-api
Allow using query params to fetch GraphQL
parent
aafc77dce3
commit
ba434f4fb5
|
@ -13,8 +13,9 @@ class IsAuthenticated(BasePermission):
|
||||||
message = "You must be authenticated to access this resource."
|
message = "You must be authenticated to access this resource."
|
||||||
|
|
||||||
def has_permission(self, source: typing.Any, info: Info, **kwargs) -> bool:
|
def has_permission(self, source: typing.Any, info: Info, **kwargs) -> bool:
|
||||||
return is_token_valid(
|
token = info.context["request"].headers.get("Authorization")
|
||||||
info.context["request"]
|
if token is None:
|
||||||
.headers.get("Authorization", "")
|
token = info.context["request"].query_params.get("token")
|
||||||
.replace("Bearer ", "")
|
if token is None:
|
||||||
)
|
return False
|
||||||
|
return is_token_valid(token.replace("Bearer ", ""))
|
||||||
|
|
Loading…
Reference in New Issue