diff --git a/auth.py b/auth.py
index 6d7224c..e250c94 100644
--- a/auth.py
+++ b/auth.py
@@ -12,19 +12,27 @@ def csrf_token_generator(size=40, chars=string.ascii_uppercase + string.digits):
return ''.join(random.choice(chars) for _ in range(size))
-def generate_auth_token(user, expiration=600):
- s = Serializer(app_secret, expires_in=expiration)
+def generate_auth_token(user, expires_in=3000):
+ s = Serializer(app_secret, expires_in)
return s.dumps({'id': 1})
+def verify_token(token):
+ try:
+ s = Serializer(app_secret)
+ data = s.loads(token)
+ return data['id']
+ except:
+ return None
+
+
def check_basic_auth(user, passwd):
- '''
- TODO: check token too -- password will be 'unused'
- '''
- if user != app_user or passwd != app_password:
- return False
- else:
+ if passwd in ('', 'unused') and verify_token(user):
+ return True
+ elif user == app_user or passwd == app_password:
return True
+ else:
+ return False
def authenticate():
diff --git a/flasky.py b/flasky.py
index 79699bd..471db09 100644
--- a/flasky.py
+++ b/flasky.py
@@ -94,11 +94,10 @@ miscObjHandler = lambda obj: (
@app.route('/')
-@app.route('/flask/')
@crossdomain(origin='*')
def hello_world():
# return 'This comes from Flask ^_^'
- return render_template('layout.html')
+ return render_template('home.html')
@app.route('/movies/', methods=['GET'])
diff --git a/templates/home.html b/templates/home.html
new file mode 100644
index 0000000..6af704f
--- /dev/null
+++ b/templates/home.html
@@ -0,0 +1,14 @@
+{% extends "layout.html" %}
+{% block body %}
+Links
+
+{% endblock %}