From 93e01c9797264d53429248b5420a17780a6d6c1d Mon Sep 17 00:00:00 2001
From: msramalho <19508417+msramalho@users.noreply.github.com>
Date: Mon, 21 Oct 2024 12:00:01 +0100
Subject: [PATCH] bug fix in security

---
 src/web/security.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/web/security.py b/src/web/security.py
index 97ba07b..b310782 100644
--- a/src/web/security.py
+++ b/src/web/security.py
@@ -62,7 +62,7 @@ def authenticate_user(access_token):
     if r.status_code != 200: return False, "invalid token"
     try:
         j = r.json()
-        if j.get("azp") not in settings.CHROME_APP_IDS and j.get("aud") not in seuser_grouttings.CHROME_APP_IDS:
+        if j.get("azp") not in settings.CHROME_APP_IDS and j.get("aud") not in settings.CHROME_APP_IDS:
             return False, f"token does not belong to valid APP_ID"
         if j.get("email") in settings.BLOCKED_EMAILS:
             return False, f"email '{j.get('email')}' not allowed"