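def login(request: _Parsed):
    """Authenticate a user from a JSON body and issue access/refresh tokens.

    Reads ``user`` and ``password`` from ``request.json``. The username is
    stripped and lower-cased before lookup; the password is used as sent.
    On success the response body carries ``user_data.as_json`` and the two
    tokens are returned in the ``x-access-token`` / ``x-refresh-token``
    response headers.

    Raises:
        AppException: code 401 when either field is missing, empty or not
            a string, or when the password does not match the stored hash.
    """
    json = request.json
    get = json.get
    raw_user = get("user", "")
    raw_password = get("password", "")

    # The body is client-controlled and JSON allows null, numbers, lists and
    # objects in these fields. Calling .strip() on such a value would raise
    # AttributeError and surface as a server error instead of a clean 401,
    # so anything that is not a string is treated the same as "missing".
    user = raw_user.strip().lower() if isinstance(raw_user, str) else ""
    password = raw_password if isinstance(raw_password, str) else ""

    invalids = []
    if not user:
        invalids.append("username")
    if not password:
        invalids.append("password")
    if invalids:
        raise AppException(f"Invalid {' and '.join(invalids)}", code=401)

    # NOTE(review): get_user_by_id is not visible here. If it reports an
    # unknown user with a differently worded error than "Incorrect Password"
    # below, the two responses tell a client which usernames exist; a single
    # generic failure message for both cases avoids that - confirm.
    user_data = get_user_by_id(user)
    password_hash = user_data.password_hash
    if not check_password_hash(password_hash, password):
        raise AppException("Incorrect Password", code=401)

    username = user_data.user
    access_token = create_token(issue_access_token(username))
    # The refresh token is issued from the username and the current password
    # hash. NOTE(review): presumably so that refresh tokens stop validating
    # after a password change - confirm in issue_refresh_token.
    refresh_token = create_token(issue_refresh_token(username, password_hash))

    # NOTE(review): confirm that as_json never includes password_hash.
    return json_response(
        {"data": {"success": True, "user_data": user_data.as_json}},
        headers={
            "x-access-token": access_token,
            "x-refresh-token": refresh_token,
        },
    )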
def create_password_verification_token(user: UserTable):
    """Build the token used for the password verification flow.

    The claims handed to ``create_token`` are:

    * ``u``   - the account's username
    * ``ch``  - ``generate_password_hash`` over username + current password hash
    * ``exp`` - the current time plus ``THREE_HOURS``
    """
    username = user.user
    # "ch" is derived from the stored password hash, which ties the token to
    # the credential as it exists at issue time.
    # NOTE(review): presumably the consumer re-checks "ch" against the stored
    # hash so the token stops working once the password changes - confirm at
    # the verification site.
    credential_check = generate_password_hash(username + user.password_hash)
    expires_at = time() + THREE_HOURS
    return create_token(
        {"u": username, "ch": credential_check, "exp": expires_at}
    )
def re_authenticate(req: _Parsed):
    """Issue a new access/refresh token pair when the access token no longer decodes.

    Tokens are read from the Flask request headers (``req`` itself is not
    used): the bearer token is decoded first, and only when that yields
    ``None`` is the ``x-refresh-token`` header decoded and handed to
    ``regenerate_access_token``.

    Raises:
        AppException: code 401 ("re-auth") when no new access token could be
            derived from the refresh token.
    """
    request_headers = flask_request.headers
    current_access = decode_token(get_bearer_token(request_headers))

    # NOTE(review): indentation was lost in this listing. The response is
    # built only on the refresh path because the new tokens are bound only
    # there, so a still-decodable access token falls through and yields None.
    # Confirm the caller handles a None result.
    if current_access is not None:
        return None

    # NOTE(review): a missing x-refresh-token header passes None to
    # decode_token; how that and regenerate_access_token treat None is not
    # visible here - confirm it ends in the 401 below rather than an error.
    presented_refresh = request_headers.get("x-refresh-token")
    new_access, new_refresh = regenerate_access_token(
        decode_token(presented_refresh)
    )
    if new_access is None:
        raise AppException("re-auth", code=401)

    # Both tokens are re-issued together on every successful refresh.
    rotated_headers = {
        "x-access-token": create_token(new_access),
        "x-refresh-token": create_token(new_refresh),
    }
    return json_response({}, headers=rotated_headers)
def create_email_verification_token(user: UserTable):
    """Build the token used to verify a user's email address.

    The claims handed to ``create_token`` are the username (``u``), the
    email address on the user record (``e``) and an expiry (``exp``) of the
    current time plus ``THREE_HOURS``.

    This function only builds the token; delivering it by email is not done
    here (the original carried a commented-out ``send_email`` placeholder).
    """
    # NOTE(review): "e" records the address at issue time; presumably the
    # consumer compares it with the address on record so a token issued for
    # an old address cannot verify a new one - confirm at the verification
    # site.
    claims = dict(u=user.user, e=user.email, exp=time() + THREE_HOURS)
    return create_token(claims)