X-Git-Url: https://git.mdrn.pl/wolnelektury.git/blobdiff_plain/e4ddfe1b3a3bfa982386284d9859c64862cb6c08..c83e534451c1ca43da0ed9585298a96f059f77fb:/src/api/request_validator.py

diff --git a/src/api/request_validator.py b/src/api/request_validator.py
index 55bd6fbdb..9a4be2da8 100644
--- a/src/api/request_validator.py
+++ b/src/api/request_validator.py
@@ -1,10 +1,9 @@
-# -*- coding: utf-8 -*-
 # This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
 # Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
 #
 import time
 from oauthlib.oauth1 import RequestValidator
-from api.piston.models import Consumer, Nonce, Token
+from api.models import Consumer, Nonce, Token
 
 
 class PistonRequestValidator(RequestValidator):
@@ -20,7 +19,7 @@ class PistonRequestValidator(RequestValidator):
     # iOS app generates 8-char nonces.
     nonce_length = 8, 250
 
-    # Because piston.models.Token.key is char(18).
+    # Because Token.key is char(18).
     request_token_length = 18, 32
     access_token_length = 18, 32
     # TODO: oauthlib request-access switch.
@@ -33,7 +32,17 @@ class PistonRequestValidator(RequestValidator):
         return request.token.secret
 
     def get_access_token_secret(self, client_key, token, request):
-        return request.token.secret
+        if request.token:
+            return request.token.secret
+        else:
+            try:
+                token = Token.objects.get(
+                    token_type=Token.ACCESS,
+                    consumer__key=client_key,
+                    key=token
+                )
+            except: return None
+            return token.secret
 
     def get_default_realms(self, client_key, request):
         return ['API']