I am using this tutorial to incorporate authentication into my app: http://ift.tt/1a7sQjq
At the moment I have the following route:
@app.route('/checkin/venue/<int:venue_id>', methods = ['POST'])
@auth.login_required
My verify_password function is quite similar to that specified in the tutorial except I am accessing my own db.
The issue is that when I generate a token, it can be used across multiple venue_id's even though the token was generated using the credentials of a singlevenue.
Is there a way that I could pass the venue_id variable to the function verify_password(email_or_token, password) so when I call verify_auth_token I will be able to check that the venue_id encoded in the token actually corresponds to that made in the call:
@app.route('/checkin/venue/<int:venue_id>', methods = ['POST'])
Thanks for your help.
Aucun commentaire:
Enregistrer un commentaire