Decode the session cookie to get the Session object. Raises AuthException if the cookie is invalid or expired. Returns None if the session is not found.
(cookie: str)
| 148 | |
| 149 | |
| 150 | def _decode_session_cookie(cookie: str) -> Session | None: |
| 151 | """ |
| 152 | Decode the session cookie to get the Session object. |
| 153 | Raises AuthException if the cookie is invalid or expired. |
| 154 | Returns None if the session is not found. |
| 155 | """ |
| 156 | try: |
| 157 | data = jwt.decode(cookie, AUTH_COOKIE_SECRET, algorithms=[AUTH_JWT_ALGO]) |
| 158 | return Session.get(data['session_id']) |
| 159 | except (KeyError, jwt.InvalidTokenError): |
| 160 | raise AuthException("Could not decode internal session JWT.") |
| 161 | |
| 162 | |
| 163 | def _validate_request(request: Request) -> None: |
no test coverage detected
searching dependent graphs…