def decorated_function(session, *args, **kws):
if 'authToken' not in request.headers:
abort(401)
try:
shortened_token = BlockstackAuth.short_jwt(
request.headers['authToken']
) # implicitly checks if its a token
username = BlockstackAuth.get_username_from_token(shortened_token)
user_inst: User = session.query(User).filter(
User.usernameUser == username).one()
# check if token matches "cached" token, if thats the case, we are done here... else:
if shortened_token != user_inst.authToken:
# verify token:
if BlockstackAuth.verify_auth_response(shortened_token):
# token is valid, save it to DB
user_inst.authToken = shortened_token
session.commit()
else:
# token invalid, abort
abort(401)
else: # token is valid
pass
except NoResultFound:
# User needs to register
abort(404)
except (KeyError, ValueError, DecodeError): # jwt decode errors
abort(401)
else:
tmp = func(user_inst, *args, **kws)
session.commit() # if user_inst get's changed
return tmp
def user_post(session):
"""
Handles POST for resource <base>/api/users .
:return: "{'status': 'User registered'}", 200
"""
username = request.headers.get('username', default=None)
firstname = request.headers.get('firstname', default=None)
lastname = request.headers.get('lastname', default=None)
email = request.headers.get('email', default=None)
auth_token = request.headers.get('authToken', default=None)
if None in [username, firstname, lastname, email, auth_token]:
return jsonify({'error': 'Missing parameter'}), 400
if "" in [username, firstname, lastname, email, auth_token]:
return jsonify({'error': "Empty parameter"}), 400
if re.match("^[a-zA-ZäÄöÖüÜ ,.'-]+$", firstname) is None or re.match(
"^[a-zA-ZäÄöÖüÜ ,.'-]+$", lastname) is None:
return jsonify({
'error':
'Firstname and/or lastname must contain only alphanumeric characters'
}), 400
acc = WEB3.eth.account.create()
try:
shortened_token = BlockstackAuth.short_jwt(auth_token)
username_token = BlockstackAuth.get_username_from_token(
shortened_token)
if username_token != username:
return jsonify(
{'error': 'username in token doesnt match username'}), 400
res = session.query(User).filter(
User.usernameUser == username).one_or_none()
if res is not None:
return jsonify({'status': 'User is already registered'}), 400
user_inst = User(usernameUser=username,
firstnameUser=firstname,
lastnameUser=lastname,
emailUser=email,
authToken=shortened_token,
publickeyUser=acc.address,
privatekeyUser=acc.key)
except (KeyError, ValueError, DecodeError): # jwt decode errors
return jsonify({'status': 'Invalid JWT'}), 400
session.add(user_inst)
session.commit()
return jsonify({'status': 'User registered'}), 201
def test_auth_user_valid3(testclient):
session = DB_SESSION()
res = session.query(User).filter(User.idUser == 6).one()
res.authToken = ""
session.commit()
headers = {"authToken": TOKEN_1}
res = testclient.get('/test', headers=headers)
assert res._status_code == 200
res = session.query(User).filter(User.idUser == 6).one()
assert res.authToken == BlockstackAuth.short_jwt(TOKEN_1)
def test_verify_no_token2():
with pytest.raises(DecodeError):
BlockstackAuth.verify_auth_response("test")
def test_verify_invalid6():
assert not BlockstackAuth.verify_auth_response(TOKEN_INVALID_ISS2)
def test_verify_valid3():
assert BlockstackAuth.verify_auth_response(TOKEN_3)
def test_shorten2():
assert len(BlockstackAuth.short_jwt(TOKEN_2)) < len(TOKEN_2)
def test_username2():
assert BlockstackAuth.get_username_from_token(
TOKEN_2) == "sw2020testuser2.id.blockstack"