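def refreshToken():
    """Issue a new access/refresh JWT pair from a posted refresh token.

    The JSON body (as returned by ``Helper.validarDataPost``) must carry a
    ``token`` field holding a JWT whose payload has a non-empty ``user_id``
    and ``type == 'refresh'``. On success two tokens are signed with
    ``privateKey``/``JWT_ALGORITHM``: an access token valid for 60 minutes
    and a refresh token valid for 120 minutes, both sharing one ``jti``.

    Returns:
        A ``Helper.jsonResponse`` with code 400 or -1..-6 on bad input,
        otherwise a ``(jsonify(...), 200)`` tuple with ``access_token`` and
        ``refresh_token``.

    NOTE(review): the incoming token's signature and ``exp`` claim are NOT
    checked here; the payload is only base64-decoded and parsed. ``user_id``
    and ``type`` are therefore caller-controlled, and this handler will sign
    fresh tokens for any ``user_id`` it is given. Before trusting any claim,
    the token must be verified with ``jwt.decode(...,
    algorithms=[JWT_ALGORITHM])`` and the matching verification key (not
    visible in this block). The old refresh token is also not invalidated.
    """
    jsondata = Helper.validarDataPost(request)
    if jsondata is None:
        return Helper.jsonResponse(400, "Json invalid " + str(jsondata), None)

    # The original `'token' in jsondata is False` is a chained comparison
    # that is never true for a dict, so this branch was unreachable.
    if 'token' not in jsondata:
        return Helper.jsonResponse(-1, "Token no puede estar vacio", None)

    token = jsondata.get('token', '')
    if token == '':
        return Helper.jsonResponse(-2, "Parametro invalido", None)

    # A JWT has exactly three dot-separated segments; anything else (or a
    # non-string value) is rejected instead of raising an unhandled error.
    try:
        _header, p, _signature = token.split(".")
    except (AttributeError, ValueError):
        return Helper.jsonResponse(-3, "No valido", None)
    if not p:
        return Helper.jsonResponse(-3, "No valido", None)

    # Decode and parse the payload segment. decode_base64 is defined
    # elsewhere; presumably it raises ValueError/TypeError on malformed
    # input - TODO confirm.
    try:
        payload = json.loads(decode_base64(p))
    except (ValueError, TypeError):
        return Helper.jsonResponse(-4, "Error", None)
    if not isinstance(payload, dict):
        # Valid JSON that is not an object has no claims to read.
        return Helper.jsonResponse(-4, "Error", None)

    userId = payload.get('user_id', '')
    if userId == '':
        return Helper.jsonResponse(-5, "Error", None)

    typeToken = payload.get('type', '')
    if typeToken != 'refresh':
        return Helper.jsonResponse(-6, "Error", None)

    # PyJWT converts datetime claims with utctimetuple(), which treats a
    # naive datetime as UTC; a local-time now() would shift iat/exp by the
    # server's UTC offset.
    iat = datetime.datetime.utcnow()
    jti = Helper.generarStringUuid()
    payloadAccess = {
        'jti': jti,
        'user_id': userId,
        'exp': iat + datetime.timedelta(minutes=60),
        'iat': iat,
        'type': "access"
    }
    payloadRefresh = {
        'jti': jti,
        'user_id': userId,
        'exp': iat + datetime.timedelta(minutes=120),
        'iat': iat,
        'type': "refresh"
    }
    access_token = jwt.encode(payloadAccess, privateKey, JWT_ALGORITHM)
    refresh_token = jwt.encode(payloadRefresh, privateKey, JWT_ALGORITHM)

    # jwt.encode returns bytes on PyJWT 1.x and str on 2.x; accept both.
    if isinstance(access_token, bytes):
        access_token = access_token.decode('UTF-8')
    if isinstance(refresh_token, bytes):
        refresh_token = refresh_token.decode('UTF-8')

    return jsonify({
        "code": 200,
        "message": "Refrescado con exito",
        "access_token": access_token,
        "refresh_token": refresh_token
    }), 200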
def cifrarArchivo():
    """Sign the uploaded ``archivo`` file and return the signature as text.

    Despite the name, the visible code signs rather than encrypts: the
    upload is read, decoded as UTF-8 and handed to ``Rsa().firmar``. The
    result is UTF-8 decoded and returned in a 200 ``Helper.jsonResponse``.

    NOTE(review): another function named ``cifrarArchivo`` appears on this
    page; if both live in the same module the later definition replaces
    this one - confirm they belong to different modules.
    """
    # NOTE(review): the upload is read fully into memory with no size limit
    # visible here, and a non-UTF-8 file raises UnicodeDecodeError that this
    # handler does not catch.
    contenido = request.files['archivo'].stream.read().decode("utf-8")
    firma = Rsa().firmar(contenido)
    return Helper.jsonResponse(200, "Firmado", firma.decode("utf-8"))
def descifrarArchivo():
    """Check a signature against the uploaded ``archivo`` file.

    Despite the name, the visible code verifies rather than decrypts: the
    ``signature`` form field and the raw upload bytes are passed to
    ``Rsa().validar`` and the outcome is returned as the data of a
    ``Helper.jsonResponse``.

    The response code is 200 whatever ``validar`` returns, so clients must
    read the data field, not the status, to learn whether the signature
    matched.
    """
    firma_recibida = request.form['signature']
    contenido = request.files['archivo'].stream.read()
    # NOTE(review): the raw bytes are passed here, while the signing handler
    # on this page passes UTF-8 decoded text - confirm Rsa.validar
    # normalises both forms the same way.
    resultado = Rsa().validar(contenido, firma_recibida)
    return Helper.jsonResponse(200, "Verificacion", resultado)
def cifrarArchivo():
    """Encrypt the uploaded ``archivo`` file with a caller-supplied password.

    Reads the ``password`` form field and the upload, decodes the upload as
    UTF-8, encrypts it with ``Aes(password).encrypt`` and returns the result
    (UTF-8 decoded) in a 200 ``Helper.jsonResponse``.

    NOTE(review): how ``Aes`` turns the password into a key, and which
    cipher mode it uses, is not visible here - confirm it applies a salted
    key-derivation function and an authenticated mode.
    """
    clave = request.form['password']
    subida = request.files['archivo']
    # A non-UTF-8 upload raises UnicodeDecodeError here; it is not caught.
    texto = subida.stream.read().decode("utf-8")
    cifrado = Aes(clave).encrypt(texto)
    return Helper.jsonResponse(200, "Cifrado", cifrado.decode("utf-8"))
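def login():
    """Authenticate a user from a JSON body and issue access/refresh JWTs.

    The body (as returned by ``Helper.validarDataPost``) must carry
    non-empty ``username`` and ``password`` fields. The password is hashed
    and matched against ``User.password`` for the given ``User.username``.
    On success two tokens are signed with ``privateKey``/``JWT_ALGORITHM``:
    an access token valid for 60 minutes and a refresh token valid for 120
    minutes, both sharing one ``jti``.

    Returns:
        A ``Helper.jsonResponse`` with code 400 or -1..-4 on bad input or
        wrong credentials, otherwise a ``(jsonify(...), 200)`` tuple with
        ``access_token`` and ``refresh_token``.

    NOTE(review): passwords are compared as unsalted SHA-1 hex digests.
    SHA-1 is fast and unsalted, so a leaked table is cheap to brute-force.
    The scheme cannot be changed in this handler alone because stored
    values use the same digest; migrate registration and login together to
    a dedicated password-hashing function. No attempt limiting is visible
    in this block either.
    """
    jsondata = Helper.validarDataPost(request)
    if jsondata is None:
        return Helper.jsonResponse(400, "Json invalid " + str(jsondata), None)

    # The original `'key' in jsondata is False` checks are chained
    # comparisons that are never true for a dict, so they never fired.
    if 'username' not in jsondata:
        return Helper.jsonResponse(-1, "username no puede ser vacio", None)
    if 'password' not in jsondata:
        return Helper.jsonResponse(-2, "Password no puede ser vacio", None)

    user = jsondata.get('username', '')
    passwd = jsondata.get('password', '')
    if user == '':
        return Helper.jsonResponse(-3, "Parametro invalido", None)
    if passwd == '':
        return Helper.jsonResponse(-4, "Parametro invalido", None)

    # A non-string JSON value (number, list, ...) has no encode(); reject it
    # as an invalid parameter instead of failing with an unhandled error.
    try:
        hex_dig = hashlib.sha1(passwd.encode()).hexdigest()
    except AttributeError:
        return Helper.jsonResponse(-4, "Parametro invalido", None)

    usuarioValido = User.select().where(User.username == user).where(
        User.password == str(hex_dig)).first()
    if usuarioValido is None:
        # Same message for unknown user and wrong password.
        return Helper.jsonResponse(400, "Usuario y/o password incorrecto", None)

    # PyJWT converts datetime claims with utctimetuple(), which treats a
    # naive datetime as UTC; a local-time now() would shift iat/exp by the
    # server's UTC offset.
    iat = datetime.datetime.utcnow()
    jti = Helper.generarStringUuid()
    payloadAccess = {
        'jti': jti,
        'user_id': user,
        'exp': iat + datetime.timedelta(minutes=60),
        'iat': iat,
        'type': "access"
    }
    payloadRefresh = {
        'jti': jti,
        'user_id': user,
        'exp': iat + datetime.timedelta(minutes=120),
        'iat': iat,
        'type': "refresh"
    }
    access_token = jwt.encode(payloadAccess, privateKey, JWT_ALGORITHM)
    refresh_token = jwt.encode(payloadRefresh, privateKey, JWT_ALGORITHM)

    # jwt.encode returns bytes on PyJWT 1.x and str on 2.x; accept both.
    if isinstance(access_token, bytes):
        access_token = access_token.decode('UTF-8')
    if isinstance(refresh_token, bytes):
        refresh_token = refresh_token.decode('UTF-8')

    return jsonify({
        "code": 200,
        "message": "Autenticacion correcta",
        "access_token": access_token,
        "refresh_token": refresh_token
    }), 200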
def obtener():
    """Return every ``User`` row as a list of dicts in a 200 response.

    Each entry carries ``id``, ``username``, ``password``, ``nombre`` and
    ``apellido`` exactly as stored on the model.

    NOTE(review): the stored ``password`` value is included for every user.
    Elsewhere on this page that column holds an unsalted SHA-1 digest, so
    this response hands out crackable credentials to any caller. Whether
    the route is authenticated is not visible here. Drop the field from the
    response once API consumers are confirmed not to rely on it.
    """
    data = [
        {
            "id": fila.id,
            "username": fila.username,
            "password": fila.password,
            "nombre": fila.nombre,
            "apellido": fila.apellido
        }
        for fila in User.select()
    ]
    return Helper.jsonResponse(200, "Exito", data)
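def registrar():
    """Create a ``User`` from a JSON body and echo the stored values.

    The body (as returned by ``Helper.validarDataPost``) must carry
    non-empty ``username``, ``password``, ``nombre`` and ``apellido``
    fields. The password is stored as a SHA-1 hex digest.

    Returns:
        A ``Helper.jsonResponse`` with code 400 or -1..-8 on bad input,
        otherwise code 200 with the submitted fields plus the digest.

    NOTE(review): two issues are kept for interface compatibility and
    should be fixed together with the API's consumers and the login
    handler:
      * the response echoes the plaintext password (``passwd``) and its
        digest (``sha1``), which then end up in client and proxy logs;
      * passwords are stored as unsalted SHA-1, which is cheap to
        brute-force; use a dedicated password-hashing function instead.
    """
    jsondata = Helper.validarDataPost(request)
    if jsondata is None:
        return Helper.jsonResponse(400, "Json invalid " + str(jsondata), None)

    # The original `'key' in jsondata is False` checks are chained
    # comparisons that are never true for a dict, so they never fired.
    # The -3/-4 messages also named the wrong field ("Password").
    if 'username' not in jsondata:
        return Helper.jsonResponse(-1, "username no puede ser vacio", None)
    if 'password' not in jsondata:
        return Helper.jsonResponse(-2, "Password no puede ser vacio", None)
    if 'nombre' not in jsondata:
        return Helper.jsonResponse(-3, "nombre no puede ser vacio", None)
    if 'apellido' not in jsondata:
        return Helper.jsonResponse(-4, "apellido no puede ser vacio", None)

    user = jsondata.get('username', '')
    passwd = jsondata.get('password', '')
    nombre = jsondata.get('nombre', '')
    apellido = jsondata.get('apellido', '')

    if user == '':
        return Helper.jsonResponse(-5, "Parametro invalido", None)
    if passwd == '':
        return Helper.jsonResponse(-6, "Parametro invalido", None)
    if nombre == '':
        return Helper.jsonResponse(-7, "Parametro invalido", None)
    if apellido == '':
        return Helper.jsonResponse(-8, "Parametro invalido", None)

    # A non-string JSON value (number, list, ...) has no encode(); reject it
    # as an invalid parameter instead of failing with an unhandled error.
    try:
        hex_dig = hashlib.sha1(passwd.encode()).hexdigest()
    except AttributeError:
        return Helper.jsonResponse(-6, "Parametro invalido", None)

    data = {
        "user": user,
        "passwd": passwd,
        "nombre": nombre,
        "apellido": apellido,
        "sha1": str(hex_dig)
    }

    nuevo = User()
    nuevo.username = user
    nuevo.password = str(hex_dig)
    nuevo.nombre = nombre
    nuevo.apellido = apellido
    # NOTE(review): the result of save() is not inspected, so the handler
    # reports success even if nothing was written - confirm the ORM raises
    # on failure.
    nuevo.save()

    return Helper.jsonResponse(200, "Exito", data)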
def before_request():
    """Record request context on ``g`` and short-circuit OPTIONS requests.

    Stores the raw ``Authorization`` header (empty string when absent) in
    ``g.token`` and the matched endpoint in ``g.endpoint``. An OPTIONS
    request is answered immediately with a 200 ``Helper.jsonResponse``;
    for any other method the function returns ``None``.

    The header is only copied here; nothing in this function validates the
    token, so any authorisation check has to happen elsewhere.
    """
    g.endpoint = request.endpoint
    g.token = request.headers.get('Authorization', '')
    if request.method == 'OPTIONS':
        return Helper.jsonResponse(200, "options methods ", None)