Update app.py
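--- a/app.py
+++ b/app.py
@@ -405,13 +405,13 @@ async def get_protected(
 token: Optional[str] = None # token is Optional because it may come from the cookie
 ):
 # Try to get the token from the query parameter first, then fall back to the cookie
-
-if not
+access_token = token or request.cookies.get("access_token")
+if not access_token:
 raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated xxx")
 
 # Here verify_token is used directly in the endpoint
 # If the token is invalid, verify_token will raise an HTTPException and the following lines will not be executed
-user_email = verify_token(
+user_email = verify_token(access_token) # Assuming that verify_token returns the user's email if the token is valid
 
 # Get the user from the database
 db_user = get_user_by_email(db, user_email)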
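Review bot: The new `access_token = token or request.cookies.get("access_token")` line gives priority to a token passed as a query parameter, and a credential carried in the URL is recorded in server and proxy access logs, browser history and Referer headers. If the query parameter is not strictly required, read the token from the cookie (or an `Authorization` header) only, e.g. `access_token = request.cookies.get("access_token")`, and drop the `token` parameter in a follow-up. The trailing comment on the `verify_token(access_token)` line says the return value is only assumed to be the e-mail; because that value is passed straight to `get_user_by_email`, the contract should be confirmed and stated as fact, e.g. `# verify_token returns the e-mail from a validated token or raises HTTPException`. The body of get_protected starts and ends outside this hunk, so how `db_user` is checked afterwards is not visible here.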