pallets-eco / flask-jwt

JWT (JSON Web Tokens) for Flask applications
MIT License
564 stars 177 forks source link

Fix bug: Expired token would crash application #50

Open q3yi opened 9 years ago

q3yi commented 9 years ago

Expired token would crash application if the config JWT_VERIFY_EXPIRATION set to False with default token decode handler

Even when JWT_VERIFY_EXPIRATION is to False, the token would still be decode with TimedJSONWebSignatureSerializer, so if the token is expired a SignatureExpired will be threw out, and the local variable result in function _default_decode_handler would not be initialized, which would cause UnboundLocalError in function _default_decode_handler.

stephane commented 8 years ago

Not relevant anymore since the transition to pyjwt.