def user_login(username, password):
current_user = User.find_by_username(username)
if not current_user:
return {
'status': 'fail',
'message': 'User {} doesn\'t exist'.format(username)
}, 401
if current_user and current_user.check_password(password):
expiresAccesToken = datetime.timedelta(
seconds=int(JWT_ACCESS_TOKEN_EXPIRES))
expiresRefreshToken = datetime.timedelta(
seconds=int(JWT_REFRESH_TOKEN_EXPIRES))
access_token = create_access_token(identity=current_user.public_id,
expires_delta=expiresAccesToken)
refresh_token = create_refresh_token(identity=current_user.public_id,
expires_delta=expiresRefreshToken)
return {
'message': 'Logged in as {}'.format(current_user.username),
'access_token': access_token,
'refresh_token': refresh_token,
'expires': JWT_ACCESS_TOKEN_EXPIRES,
}
else:
return {'message': 'Wrong credentials'}, 403
def decorated(*args, **kwargs):
username = get_jwt_identity()
user = User.find_by_username(username)
if not user:
return {'message': 'User not found !'}, 404
if not user.admin:
return {
'status': 'fail',
'message': 'admin token required'
}, 401
return f(*args, **kwargs)
