Beispiel #1
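def request_token():
    """
    Authenticate the e-mail/password pair from the JSON body and issue an access token.

    The token is not returned in the body; it is attached to the response
    through ``set_access_cookies``.

    Returns:
        ``Responses.OPERATION_FAILED()`` when the body is missing or is not a
        JSON object, ``Responses.AUTHENTICATION_FAILED()`` when
        ``User.authenticate`` yields no user, ``Responses.UNCONFIRMED_USER()``
        when the authenticated user's e-mail is not confirmed, otherwise the
        ``(response, status)`` pair from ``res()`` carrying the access cookie.
    """
    payload = request.json
    # request.json may be any JSON value (list, string, number); only an
    # object supports the .get() lookups below, so reject everything else.
    if not isinstance(payload, dict):
        return Responses.OPERATION_FAILED()

    email = payload.get('email', None)
    password = payload.get('password', None)
    user = User.authenticate(email, password)

    # Reject failed logins before touching any attribute of `user`. Checking
    # `user.email_confirmed` first would raise AttributeError on a falsy
    # result and turn every bad password into a server error.
    if not user:
        return Responses.AUTHENTICATION_FAILED()

    # Only confirmed accounts get a token. The confirmation mail is re-sent
    # here, i.e. only after the credentials were verified.
    # NOTE(review): every such login triggers another e-mail; consider
    # rate limiting the resend.
    if not user.email_confirmed:
        user.send_confirmation_email(user.email)
        return Responses.UNCONFIRMED_USER()

    token = create_access_token(identity=user.token_identity())
    response, status = res()
    # Deliver the token as a cookie on the response instead of in the body.
    set_access_cookies(response, token)
    return response, status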
Beispiel #2
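def get_current_user():
    """
    Return the current user's info for the "my account" page.

    The user is resolved from the JWT identity of the current request, never
    from client-supplied parameters.

    Returns:
        (json string, status) built by ``res(user.as_dict())``, or
        ``Responses.AUTHENTICATION_FAILED()`` when the identity maps to no
        e-mail or no user record is found for that e-mail.
    """
    identity = get_jwt_identity()
    email = User.get_email_from_identity(identity)
    if not email:
        return Responses.AUTHENTICATION_FAILED()
    user = User.get_user_by_email(email)
    # A token can outlive the account it was issued for; without this guard a
    # missing record would fail on `.as_dict()` instead of as an auth failure.
    # NOTE(review): assumes get_user_by_email returns None when nothing
    # matches; confirm against the User model.
    if user is None:
        return Responses.AUTHENTICATION_FAILED()
    return res(user.as_dict())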
Beispiel #3
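 def wrapper(*args, **kwargs):
     """
     Run the wrapped view only for an authenticated user holding one of ``roles``.

     Inside a request context the JWT is verified, the identity is mapped to
     an e-mail and the role check is applied; on success the view runs and a
     freshly issued access token is set on its response.

     Returns:
         ``Responses.AUTHENTICATION_FAILED()`` when the token is invalid or
         maps to no e-mail, ``Responses.AUTHORISATION_FAILED()`` when the role
         check fails, otherwise the view's ``(response, status)`` pair.
     """
     if not has_request_context():
         # NOTE(review): outside a request context no token or role check
         # runs at all (fail-open), as in the original. There is also no
         # identity to refresh a cookie for, so return the result directly
         # instead of reaching the undefined `email` below (NameError).
         # Confirm that this bypass is reachable only from tests/CLI code.
         return function(*args, **kwargs)

     # Verify that the user's token is valid (logged in).
     try:
         verify_jwt_in_request()
     except Exception as e:
         # Any verification failure is treated as unauthenticated.
         print(e)
         return Responses.AUTHENTICATION_FAILED()

     identity = get_jwt_identity()
     email = User.get_email_from_identity(identity)
     if not email:
         return Responses.AUTHENTICATION_FAILED()
     # TODO add check if email is activated
     # Verify that the user holds one of the required roles.
     if not User.authorisation(email, roles):
         return Responses.AUTHORISATION_FAILED()

     response, status = function(*args, **kwargs)
     # NOTE(review): a new token is issued on every authorised request, so
     # the session slides forward for as long as the token keeps being used.
     # Consider an absolute lifetime cap if stolen-token reuse is a concern.
     set_access_cookies(
         response,
         create_access_token(
             identity=User.generate_token_identity(email)))
     return response, status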