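def new_token(old_token: str = None, session_id: str = None) -> JSONResponse:
    """Issue a fresh access token for a session that is still valid.

    Args:
        old_token: The previously issued JWT; its ``sub`` claim must match
            the e-mail stored on the session row.
        session_id: Identifier of the session row looked up through
            ``crud_login.check_active_session``.

    Returns:
        ``JSONResponse`` with status 200 and ``{"access_token", "token_type"}``
        when the session is alive, otherwise status 400 with a ``message``
        of ``"invalid token"`` (bad arguments or undecodable token) or
        ``"session ended"`` (unknown, mismatched, inactive or aged session).
    """
    if not (old_token and session_id):
        return JSONResponse(status_code=400,
                            content={"message": "invalid token"})

    # A malformed or tampered token is a client error, not a server fault;
    # exceptions.JWTException is the type the other auth dependency catches.
    try:
        payload = access_token.decode_access_token(token=old_token)
    except exceptions.JWTException:
        return JSONResponse(status_code=400,
                            content={"message": "invalid token"})
    email = payload.get("sub")

    db_session = crud_login.check_active_session(session_id=session_id)
    if db_session is None:
        # Unknown session id: answer like an expired session instead of
        # failing with AttributeError on the attribute reads below.
        return JSONResponse(status_code=400,
                            content={"message": "session ended"})

    created = db_session.created_timestamp
    if not isinstance(created, datetime):
        # NOTE(review): the stored value is assumed to be naive UTC in
        # "YYYY-MM-DD HH:MM:SS.ffffff" form — confirm against the schema.
        created = datetime.strptime(str(created), "%Y-%m-%d %H:%M:%S.%f")

    # total_seconds(): timedelta.seconds holds only the in-day remainder
    # (0..86399), so a session older than a full day would look fresh again.
    age_seconds = (datetime.utcnow() - created).total_seconds()

    limit = ProjectSettings.SESSION_TOKEN_EXPIRE_SECONDS  # 12 hours

    # The lower bound rejects sessions dated in the future (clock skew or a
    # tampered row); the upper bound is the configured lifetime.
    session_alive = (
        email is not None
        and email == db_session.email
        and db_session.status in ("logged_in", "active")
        and 0 <= age_seconds < limit
    )
    if not session_alive:
        return JSONResponse(status_code=400,
                            content={"message": "session ended"})

    crud_login.active_user(session_id=session_id)
    access_token_expires = timedelta(
        minutes=ProjectSettings.ACCESS_TOKEN_EXPIRE_MINUTES)
    token = access_token.create_access_token(
        data={"sub": email},
        expires_delta=access_token_expires)
    return JSONResponse(status_code=200,
                        content={"access_token": token,
                                 "token_type": "Bearer"})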
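def get_current_admin(token: str = Depends(oauth2_scheme),
                      db: Session = Depends(get_db)) -> UserVerify:
    """Resolve the bearer token to an admin user or raise HTTP 401.

    Args:
        token: Bearer JWT supplied by ``oauth2_scheme``.
        db: Database session supplied by ``get_db``.

    Returns:
        The user record from ``crud_users.verify_user`` when it exists and
        carries a truthy ``is_admin`` flag.

    Raises:
        HTTPException: 401 ``"access denied"`` when no token is present,
            401 ``"access expired"`` when the ``exp`` claim is in the past,
            and 401 ``"Could not validate credentials"`` when the token is
            undecodable, lacks ``exp`` or ``sub``, maps to no user, or the
            user is not an admin.
    """
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    expire_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="access expired",
        headers={"WWW-Authenticate": "Bearer"},
    )
    require_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="access denied",
        headers={"WWW-Authenticate": "Bearer"},
    )
    if not token:
        raise require_exception

    try:
        payload = access_token.decode_access_token(token=token)
        token_validity = payload.get("exp")
        # A token without an ``exp`` claim is rejected outright instead of
        # letting the comparison below fail with TypeError (a 500, not a 401).
        if token_validity is None:
            raise credentials_exception
        if get_int_from_datetime(datetime.utcnow()) >= token_validity:
            raise expire_exception
        email: str = payload.get("sub")
        if email is None:
            raise credentials_exception
        token_data = TokenData(email=email)
    except exceptions.JWTException as err:
        # Malformed or forged token: the client only sees the generic 401,
        # the JWT error stays attached as the cause for server-side logs.
        raise credentials_exception from err

    user = crud_users.verify_user(email=token_data.email, db=db)
    if user is None:
        raise credentials_exception

    # Fail closed: only a truthy admin flag grants access. ``is_admin == False``
    # would have admitted a NULL/None flag, since ``None == False`` is False.
    if not user.is_admin:
        raise credentials_exception

    return user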