fix: allow tokens without expiry date

basedosdados · Apr 30, 2024 · e671c10 · e671c10
1 parent 93406ca
commit e671c10
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/bd_api/apps/account_auth/views.py b/bd_api/apps/account_auth/views.py
@@ -131,8 +131,9 @@ def authorize(request: HttpRequest) -> Tuple[URI, Token, Domain, Account, Status
 
  # Token must have same domain,
  # its expiry date must be in the future, and it must be active.
- if token.domain == domain and token.expiry_date > timezone.now() and token.is_active:
- return redirect_uri, token, domain, token.user, True
+ if token.domain == domain and token.is_active:
+ if not token.expiry_date or token.expiry_date > timezone.now():
+ return redirect_uri, token, domain, token.user, True
 
  # If it isn't, it returns a 401.
  return redirect_uri, token, domain, token.user, False