def post(self): args = login_parser.parse_args() user = UserServiceProvider(args, ignore_username=True) user.role = user.get_role() status, service_provider = UserServiceProviderRepositories.match(user) if status: logging.debug( 'username [%s] app_key [%s] with role [%s] is now logged-in successfully' % (service_provider['username'], user.app_key, user.role)) access_token = create_access_token({ 'role': user.role, 'username': service_provider['username'], 'app_key': user.app_key }) refresh_token = create_access_token({ 'role': user.role, 'username': service_provider['username'], 'app_key': user.app_key }) access_jti = get_jti(encoded_token=access_token) refresh_jti = get_jti(encoded_token=refresh_token) try: revoked_store = redis.StrictRedis( host=AppConfig.get_redis_hostname(), port=AppConfig.get_redis_port(), db=0, decode_responses=True) revoked_store.set( access_jti, 'true', timedelta(minutes=AppConfig. get_jwt_access_token_expiry_in_mins()) * 1.2) revoked_store.set( refresh_jti, 'true', timedelta( days=AppConfig.get_jwt_refresh_token_expiry_in_days()) * 1.2) except Exception as e: logging.error( 'connection redis failed with :%s, cannot login user' % (e)) logging.error('username [%s] with role [%s] is not logged-in' % (service_provider['username'], user.role)) return API.response( STATUS_CODES.ERROR_LOGIN_FAILED_SYSTEM_ERROR, {}) res = { 'access_token': access_token, 'refresh_token': refresh_token } return API.response(STATUS_CODES.SUCCESS_USER_LOGGED_IN, res) else: logging.error('app_key [%s] with role [%s] is not logged-in' % (user.app_key, user.role)) return API.response(STATUS_CODES.ERROR_USER_LOGIN, {})
create_refresh_token, get_jti, jwt_refresh_token_required, get_jwt_identity, jwt_required, get_raw_jwt) from configs import AppConfig import routes import logging from pymongo import MongoClient server = Flask(__name__) server.config['JWT_SECRET_KEY'] = AppConfig.get_jwt_secret_key() server.config['PROPAGATE_EXCEPTIONS'] = True server.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta( minutes=AppConfig.get_jwt_access_token_expiry_in_mins()) server.config['JWT_REFRESH_TOKEN_EXPIRES'] = timedelta( days=AppConfig.get_jwt_refresh_token_expiry_in_days()) server.config['JWT_BLACKLIST_ENABLED'] = True server.config['JWT_BLACKLIST_TOKEN_CHECKS'] = ['access', 'refresh'] jwt = JWTManager(server) @server.before_request def before_request_func(): g.db_client = MongoClient(AppConfig.get_database_uri()) g.face_recognition = face_recognition @jwt.user_claims_loader def add_claims_to_access_token(identity): return {'username': identity['username'], 'role': identity['role']}
from flask_jwt_extended import ( JWTManager, create_access_token, create_refresh_token, get_jti, jwt_refresh_token_required, get_jwt_identity, jwt_required, get_raw_jwt ) import routes import logging import os from configs import AppConfig server = Flask(__name__) server.config['JWT_SECRET_KEY'] = AppConfig.get_jwt_secret_key() server.config['PROPAGATE_EXCEPTIONS'] = True server.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(minutes=AppConfig.get_jwt_access_token_expiry_in_mins()) server.config['JWT_REFRESH_TOKEN_EXPIRES'] = timedelta(days=AppConfig.get_jwt_refresh_token_expiry_in_days()) server.config['JWT_BLACKLIST_ENABLED'] = True server.config['JWT_BLACKLIST_TOKEN_CHECKS'] = ['access', 'refresh'] jwt = JWTManager(server) @jwt.user_claims_loader def add_claims_to_access_token(identity): return { 'username': identity['username'], 'role': identity['role'] } @jwt.token_in_blacklist_loader def check_if_token_is_valid(decrypted_token): jti = decrypted_token['jti']