Update routes/subscription.py
Browse files- routes/subscription.py +11 -0
routes/subscription.py
CHANGED
|
@@ -55,6 +55,17 @@ def verify_token(user_token: str) -> str:
|
|
| 55 |
"""
|
| 56 |
Valida o token JWT no Supabase e retorna o user_id se for válido.
|
| 57 |
"""
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 58 |
headers = {
|
| 59 |
"Authorization": f"Bearer {user_token}",
|
| 60 |
"apikey": SUPABASE_KEY,
|
|
|
|
| 55 |
"""
|
| 56 |
Valida o token JWT no Supabase e retorna o user_id se for válido.
|
| 57 |
"""
|
| 58 |
+
if not user_token or len(user_token.split('.')) != 3:
|
| 59 |
+
raise HTTPException(status_code=400, detail="Invalid JWT token format")
|
| 60 |
+
|
| 61 |
+
# Verificando o JWT
|
| 62 |
+
try:
|
| 63 |
+
jwt.decode(user_token, options={"verify_signature": False}) # Decodifica sem validar a assinatura, apenas para verificar o formato
|
| 64 |
+
except jwt.ExpiredSignatureError:
|
| 65 |
+
raise HTTPException(status_code=401, detail="Token expired")
|
| 66 |
+
except jwt.DecodeError:
|
| 67 |
+
raise HTTPException(status_code=401, detail="Invalid JWT token")
|
| 68 |
+
|
| 69 |
headers = {
|
| 70 |
"Authorization": f"Bearer {user_token}",
|
| 71 |
"apikey": SUPABASE_KEY,
|