def login(): """Authenticate user and return token """ if not request.is_json: return jsonify({"msg": "Missing JSON in request"}), 400 username = request.json.get('username', None) password = request.json.get('password', None) if not username or not password: return jsonify({"msg": "Missing username or password"}), 400 user = User.query.filter_by(username=username).first() if user is None or not pwd_context.verify(password, user.password): return jsonify({"msg": "Bad credentials"}), 400 access_token = create_access_token(identity=user.id) refresh_token = create_refresh_token(identity=user.id) add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM']) add_token_to_database(refresh_token, app.config['JWT_IDENTITY_CLAIM']) ret = { 'access_token': access_token, 'refresh_token': refresh_token } return jsonify(ret), 200
def login(): form = LoginForm(request.form) if request.method == 'POST' and form.validate(): uname = form.username.data hpassword = form.password.data if not uname or not hpassword: return jsonify({"msg": "The login form was not filled in correctly!"}), 400 else: found_usr = False for u in users: if u.username == uname: if check_password_hash(u.password, hpassword): ## stored, hashed pwd first; human entered pwd second found_usr = True mung = { 'access_token': create_access_token(identity=uname), 'refresh_token': create_refresh_token(identity=uname) } return redirect(url_for('protected', current_user=jsonify(mung), status=200)) else: flash('The password is wrong. Remember that it is case sensitive!') return redirect(url_for('login')) if found_usr == False: flash('The username is not on file. Maybe you have not registered yet?') return redirect(url_for('login')) return render_template('login.html', form=form)
def _authenticate_and_grant_tokens(json_in, with_refresh=False): username = json_in.get('username', None) password = json_in.get('password', None) if not (username and password): return invalid_username_password_problem user = User.query.filter_by(username=username).first() if user is None: return invalid_username_password_problem try: password = password.encode('utf-8') except UnicodeEncodeError: return invalid_username_password_problem if not user.active: return user_deactivated_problem if user.verify_password(password): response = {'access_token': create_access_token(identity=user.id, fresh=True)} if with_refresh: user.login(request.environ.get('HTTP_X_REAL_IP', request.remote_addr)) db.session.commit() response['refresh_token'] = create_refresh_token(identity=user.id) return response, OBJECT_CREATED else: return invalid_username_password_problem
def loginUser(): # If the HTTP Request is a 'GET' request if request.method == 'POST': # Show that a GET request is being recieved print("\n - POST REQUEST RECIEVED - \n") print("\n - In Route '/Login' - \n") loginData = request.get_json(force=True) # See json format jsonData = loginData['params'] # Pass the jsonData into our function to validate it jsonData = validateRequest(jsonData) print(jsonData) # If the data is in the correct format if jsonData['ok']: jsonData = jsonData['data'] user = mongo.db.Users.find_one({'email': jsonData['email']}) print(jsonData) global currentEmail currentEmail = jsonData['email'] print(currentEmail) try: # If the users password is correct if user and flask_bcrypt.check_password_hash(user['password'],jsonData['password']): print("Details correct!") # Delete their password and give them an access token del user['password'] access_token = create_access_token(identity=jsonData) refresh_token = create_refresh_token(identity=jsonData) user['token'] = access_token user['refresh'] = refresh_token # Return the information as JSON with status code 200 return jsonify({'ok': True, 'data': user, 'message': 'Record exists.. Creating access token and Logging in..'}), 200 else: raise ValueError("Invalid Salt") print('Caught this error: ' + repr(error)) except Exception as error: # If the list is empty due to an error with login details, motify the user return jsonify({'ok': False, 'message': 'Record does not exist. Please check log-in parameters.'}), 201 else: # Return a bad request response in JSON if the paramaters are incorrect return jsonify({'ok': False, 'message': 'Bad request parameters!'}), 202
def auth(): username = request.json.get('username', None) password = request.json.get('password', None) if username != 'admin' or password != pw: return jsonify({"msg": "Bad username or password"}), 401 # Use create_access_token() and create_refresh_token() to create our # access and refresh tokens ret = { 'access_token': create_access_token(identity=username), 'refresh_token': create_refresh_token(identity=username) } return jsonify(ret), 200
def post(self): data = _user_parser.parse_args() user = UserModel.find_by_username(data['username']) if user and safe_str_cmp(user.password, data['password']): access_token = create_access_token(identity=user.id, fresh=True) refresh_token = create_refresh_token(user.id) return { 'access_token': access_token, 'refresh_token': refresh_token }, 200 return {"message": "Invalid Credentials!"}, 401
def post(self): data = _user_parser.parse_args() user = UserModel.find_by_username(data['username']) # this is what the `authenticate()` function did in security.py if user and safe_str_cmp(user.password, data['password']): # identity= is what the identity() function did in security.py—now stored in the JWT access_token = create_access_token(identity=user.id, fresh=True) refresh_token = create_refresh_token(user.id) return { 'access_token': access_token, 'refresh_token': refresh_token }, 200 return {"message": "Invalid Credentials!"}, 401
def post(self): """Authenticates and generates a token""" schema = TokenSchema() data, errors = schema.load(current_app.api.payload) if errors: return errors, 400 try: user = User.get(email=data.email) except User.DoesNotExist: abort(403, 'No such user, or wrong password') if not user or not user.active: abort(403, 'No such user, or wrong password') if not verify_password(data.password, user.password): abort(403, 'No such user, or wrong password') access_token = create_access_token(identity=user.email) refresh_token = create_refresh_token(identity=user.email) access_expire = current_app.config['JWT_ACCESS_TOKEN_EXPIRES'] refresh_expire = current_app.config['JWT_REFRESH_TOKEN_EXPIRES'] resp = jsonify( { 'access': access_token, 'refresh': refresh_token, 'accessExpire': int(access_expire.total_seconds()), 'refreshExpire': int(refresh_expire.total_seconds()), } ) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) refresh_path = current_app.config['JWT_REFRESH_COOKIE_PATH'] refresh_secure = current_app.config['JWT_COOKIE_SECURE'] refresh_expire_date = datetime.now() + refresh_expire resp.set_cookie( 'refresh_expire', value=str(refresh_expire_date), expires=refresh_expire_date, path=refresh_path, httponly=True, secure=refresh_secure, ) return resp
def post(self): json_data = request.get_json(force=True) _account_login = json_data.get('login') _account_password = json_data.get('password') #need to add password encrypting, and comparison if _account_login: if validate_email(str(_account_login)): cursor = client.db.accounts.find_one( {'email': str(_account_login)}) else: cursor = client.db.accounts.find_one( {'username': str(_account_login)}) else: abort(422, message='Please provide a valid username/email.') if cursor == None: abort( 422, message= 'The username/email provided is not associated with an active account.' ) if cursor.get('password') == _account_password: _access_token = create_access_token( identity=cursor.get('username')) _refresh_token = create_refresh_token( identity=cursor.get('username')) bson_to_json = dumps(cursor) true_json_data = json.loads(bson_to_json) true_json_data['access_token'] = _access_token true_json_data['refresh_token'] = _refresh_token resp = jsonify({'user': true_json_data}) resp.status_code = 200 return resp else: abort(422, message= 'The current password does not match the password provided.')
def post() -> Response: """ POST response method for retrieving user web token. :return: JSON object """ data = request.get_json() user = Users.objects.get(email=data.get('email')) auth_success = user.check_pw_hash(data.get('password')) if not auth_success: return unauthorized() else: expiry = datetime.timedelta(days=5) access_token = create_access_token(identity=str(user.id), expires_delta=expiry) refresh_token = create_refresh_token(identity=str(user.id)) return jsonify({ 'result': { 'access_token': access_token, 'refresh_token': refresh_token, 'logged_in_as': f"{user.email}" } })
def post(self, args): """Authenticates and generates a token""" email = args.get('email', None) password = args.get('password', None) if email is None: abort(403, message='Email not provided') User = current_app.user_datastore.user_model try: user = User.get(email=email) except User.DoesNotExist: abort(403, message='No such user, or wrong password') if not user or not user.active: abort(403, message='No such user, or wrong password') if not verify_password(password, user.password): abort(403, message='No such user, or wrong password') access_token = create_access_token(identity=user.id) refresh_token = create_refresh_token(identity=user.id) access_expire = current_app.config['JWT_ACCESS_TOKEN_EXPIRES'] refresh_expire = current_app.config['JWT_REFRESH_TOKEN_EXPIRES'] resp = jsonify({ 'access': access_token, 'refresh': refresh_token, 'accessExpire': int(access_expire.total_seconds()), 'refreshExpire': int(refresh_expire.total_seconds()), }) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) refresh_path = current_app.config['JWT_REFRESH_COOKIE_PATH'] refresh_secure = current_app.config['JWT_COOKIE_SECURE'] refresh_expire_date = datetime.now() + refresh_expire resp.set_cookie( 'refresh_expire', value=str(refresh_expire_date), expires=refresh_expire_date, path=refresh_path, httponly=True, secure=refresh_secure, ) return resp
def post(self): """ Authentication endpoint """ username = api.payload.get('username') password = api.payload.get('password') user = mongo.db.users.find_one({'username': username}, {'_id': 0}) if not user: api.abort(404, 'User not found') if not check_password(password, user.get('password')): api.abort(401, 'Unauthorized') access_token = create_access_token(identity=user) refresh_token = create_refresh_token(identity=user) return { 'access_token': access_token, 'refresh_token': refresh_token, 'name': user.get('name'), }
def post(cls): user_json = request.get_json() user_data = user_schema.load(user_json, partial=("email", )) user = UserModel.find_by_username(user_data.username) if user and safe_str_cmp(user.password, user_data.password): confirmation = user.most_recent_confirmation if confirmation and confirmation.confirmed: access_token = create_access_token(identity=user.id, fresh=True) refresh_token = create_refresh_token(identity=user.id) return { "access_token": access_token, "refresh_token": refresh_token }, 200 return { "message": gettext("user_not_confirmed_error").format(user.username) }, 400 return {"message": gettext("user_invalid_credentials")}, 401
def post(self): print(request.headers) data = parser.parse_args() current_user = UserModel.find_by_username(data['username']) if not current_user: return { 'message': 'User {} doesn\'t exist'.format(data['username']) }, 500 if UserModel.verify_hash(data['password'], current_user.password): expires = timedelta(seconds=3600) access_token = create_access_token(identity=data['username'], expires_delta=expires) refresh_token = create_refresh_token(identity=data['username']) return { 'message': 'Logged in as {}'.format(current_user.username), 'access_token': access_token, 'refresh_token': refresh_token, 'user_id': data['username'] } else: return {'message': 'Wrong credentials'}, 500
def login(): """ Connexion de l'utilisateur """ json_data = request.get_json() if not json_data: return jsonify({'message': 'No input data provided'}), 400 # Validate and deserialize input try: data, errors = user_schema.load(json_data) print('username', data['username']) except: return jsonify({'message': 'Problème utilisation params'}), 400 username, password = data['username'], data['password'] if not username: return jsonify({"msg": "Missing username parameter"}), 400 if not password: return jsonify({"msg": "Missing password parameter"}), 400 current_user = UserModel.find_by_username(data['username']) if not current_user: return jsonify( {'message': 'User {} doesn\'t exist'.format(data['username'])}), 400 if UserModel.verify_hash(password, current_user.password): access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return jsonify({ 'message': 'Logged in as {}'.format(current_user.username), 'access_token': access_token, 'refresh_token': refresh_token }), 200 else: return jsonify({'message': 'Wrong credentials'}), 401
def post(self, *args, **kwargs): req_data = request.get_json() or None user = None login_schema = LoginSchema() schema = UserSchema() if req_data is None: return resp_data_invalid('Users', [], msg=MSG_NO_DATA) data, errors = login_schema.load(req_data) if errors: return resp_data_invalid('Users', errors) user = get_user_by_email(data.get('email')) if not isinstance(user, User): return user if not user.is_active(): return resp_notallowed_user('Auth') if checkpw( data.get('senha').encode('utf-8'), user.senha.encode('utf-8')): extras = { 'token': create_access_token(identity=user.email), 'refresh': create_refresh_token(identity=user.email) } result = schema.dump(user) return resp_ok('Auth', MSG_TOKEN_CREATED, data=result.data, **extras) return resp_notallowed_user('Auth')
def authorize(): token_resp = oauth.openstreetmap.authorize_access_token() token = token_resp["oauth_token"] token_secret = token_resp["oauth_token_secret"] resp = oauth.openstreetmap.get("user/details") if resp.status_code != 200: # Bad request of some kind - report failure # FIXME: Use proper status code return jsonify(msg="Bad Oauth Request"), 400 xml = resp.text etree = ET.fromstring(xml) user = etree.findall("user")[0] osm_uid = user.attrib["id"] display_name = user.attrib["display_name"] osm_token_row = OpenStreetMapToken.save( osm_uid=osm_uid, display_name=display_name, oauth_token=token, oauth_token_secret=token_secret ) identity=osm_token_row.user_id # FIXME: identity should be a hash, not user ID. # FIXME: User ID should also be a hash - though not the same as identity. access_token = create_access_token(identity) refresh_token = create_refresh_token(identity) # TODO: create a whitelist of callback URIs, allow callback URI to be issued at # /login endpoint. Should also create an API key that is associated with a given # callback URI - new clients are registered by creating a new pair of: # - API Key # - (short) list of allowed callback URIs consumer_callback_uri = current_app.config.get("CONSUMER_CALLBACK_URI") url = "{}?access_token={}&refresh_token={}".format(consumer_callback_uri, access_token, refresh_token) return redirect(url)
def post(cls): # get data from parser try: user_json = request.get_json() user_data = user_schema.load(user_json) except ValidationError as err: return err.messages, 400 # find the user in DB. user = UserModel.find_by_username(user_data.username) # check password if user and safe_str_cmp(user.password, user_data.password): # Black list all old refresh tokens before making new ones. BlacklistToken.revoke_all_old_refresh_tokens(user.id) # create access token access_token = create_access_token(identity=user.id, fresh=True) # create refresh token refresh_token = create_refresh_token(identity=user.id) # Lets store the tokens in the DB, as non-expired. new_access_token = BlacklistToken.create_new_token(access_token) new_refresh_token = BlacklistToken.create_new_token(refresh_token) new_access_token.save_to_db() new_refresh_token.save_to_db() return ( { "code": "login_success", "message": USER_LOGIN_SUCCESSFULLY, "access_token": access_token, "refresh_token": refresh_token, }, 200, ) return {"error": TOKEN_AUTH_INVALID_CREDENTIALS}, 401
def register(): user_data = request.get_json() new_user = User(firstname=user_data['firstname'], lastname=user_data['lastname'], email=user_data['email'], password=user_data['password']) if User.query.filter_by(email=new_user.email).first(): return {"error": "Email address already taken"} db.session.add(new_user) db.session.commit() access_token = create_access_token(identity=user_data['email']) refresh_token = create_refresh_token(identity=user_data['email']) return { 'email': user_data['email'], 'access_token': access_token, 'refresh_token': refresh_token }
def post(self): data = parser.parse_args() user_in_db = db.user.find_one({'username': data['username']}) print(data['password']) print(user_in_db) if user_in_db: if self.verify_hash(data['password'], user_in_db['hash']): # token_cursor = db.tokens.find({'username': data['username'], 'isActive': True}) # if token_cursor.count() > 0: # print(decode_token(token_cursor[0]['access_token'])['exp']) # if decode_token(token_cursor[0]['access_token'])['exp'] < datetime.datetime.utcnow(): # my_query = {'_id': token_cursor[0]['_id']} # new_values = {"$set": {'isActive': False}} # db.tokens.update_one(my_query, new_values) # print("access token expired") # # print(decode_token(token_cursor[0]['refresh_token'])['exp']) # else: access_token = create_access_token(identity=data['username'], expires_delta=ACCESS_EXPIRE) refresh_token = create_refresh_token( identity=data['username'], expires_delta=REFRESH_EXPIRE) print(decode_token(access_token)) print(decode_token(refresh_token)) return { 'message': 'you are logged in as {}'.format(data['username']), 'access_token': access_token, 'refresh_token': refresh_token } else: return {'message': 'password mismatch'}, 400 else: return { 'message': 'no user present with username as {}'.format(data['username']) }
def post(self): data = parser.parse_args() # 接收参数 if UserModel.find_by_username(data['username']): return { 'message': f'User {data["username"]} already exists', 'code': 1 } new_user = UserModel(username=data['username'], password=UserModel.generate_hash( data['password'])) try: new_user.save_to_db() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return { 'message': f'User {data["username"]} .was created', 'access_token': access_token, 'refresh_token': refresh_token, 'code': 0 } except: return {'messaeg': 'Something went wrong', 'code': 1}, 500
def post(self): TAG = "Refresh:" start_time = time.time() current_user = get_jwt_identity() print(TAG, "current_user="******"iss": "chp-lab", "sub": "testuid", "aud": 1} result = { 'access_token': create_access_token(identity=payload), 'refresh_token': create_refresh_token(identity=payload) } elapsed_time = (time.time() - start_time) * 1000 print(TAG, "times=", elapsed_time, "ms") return { 'type': True, 'message': "success", 'elapsed_time_ms': elapsed_time, 'len': len(result), 'result': result, }, 200
def login(): obj = request.get_json(silent=True) if 'username' not in obj: err = helpers.generateError('username missing', 400) return helpers.handleResponse(err) if 'password' not in obj: err = helpers.generateError('password missing', 400) return helpers.handleResponse(err) if not verifyLogin(obj['username'], obj['password']): err = helpers.generateError('incorrect username or password', 400) return helpers.handleResponse(err) access_token = create_access_token(identity=obj['username']) refresh_token = create_refresh_token(identity=obj['username']) res = {} res['data'] = { 'accessToken': access_token, 'refreshToken': refresh_token, } return helpers.handleResponse(res, 200)
def test_fresh_jwt_required(app): jwtM = get_jwt_manager(app) url = '/fresh_protected' test_client = app.test_client() with app.test_request_context(): access_token = create_access_token('username') fresh_access_token = create_access_token('username', fresh=True) refresh_token = create_refresh_token('username') response = test_client.get(url, headers=make_headers(fresh_access_token)) json_data = json.loads(response.get_data(as_text=True)) assert response.status_code == 200 assert json_data == {'foo': 'bar'} response = test_client.get(url, headers=make_headers(access_token)) json_data = json.loads(response.get_data(as_text=True)) assert response.status_code == 401 assert json_data == {'msg': 'Fresh token required'} response = test_client.get(url, headers=None) json_data = json.loads(response.get_data(as_text=True)) assert response.status_code == 401 assert json_data == {'msg': 'Missing Authorization Header'} response = test_client.get(url, headers=make_headers(refresh_token)) json_data = json.loads(response.get_data(as_text=True)) assert response.status_code == 422 assert json_data == {'msg': 'Only access tokens can access this endpoint'} # Test with custom response @jwtM.needs_fresh_token_loader def custom_response(): return jsonify(msg='foobar'), 201 response = test_client.get(url, headers=make_headers(access_token)) json_data = json.loads(response.get_data(as_text=True)) assert response.status_code == 201 assert json_data == {'msg': 'foobar'}
def post(cls): # get data from parser data = _user_parser_.parse_args() # find user in databse user = UserModel.find_by_username(data['username']) # check password # This is what the 'authenticate()' function used to do. if user and safe_str_cmp(user.password, data['password']): # create access token # identity= is what the 'identity()' function used to do access_token = create_access_token(identity=user.id, fresh=True) # create refresh token (we will look at this later!) refresh_token = create_refresh_token(user.id) # return them return { 'access_token': access_token, 'refresh_token': refresh_token }, 200 return {'msg': 'Invalid credentials'}, 401
def login(): """Authenticate user and return token """ if not request.is_json: return jsonify({"msg": "Missing JSON in request"}), 400 username = request.json.get('username', None) password = request.json.get('password', None) if not username or not password: return jsonify({"msg": "Missing username or password"}), 400 user = User.query.filter_by(username=username).first() if user is None or not pwd_context.verify(password, user.password): return jsonify({"msg": "Bad credentials"}), 400 access_token = create_access_token(identity=user.id) refresh_token = create_refresh_token(identity=user.id) add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM']) add_token_to_database(refresh_token, app.config['JWT_IDENTITY_CLAIM']) ret = {'access_token': access_token, 'refresh_token': refresh_token} return jsonify(ret), 200
def handle_user_creation(code, oauth_data) -> str: """ Handles user creation :parameters oauth application code and oauthdata(name, email) :returns success response or exception that is upper method catched """ name = oauth_data[0] email = oauth_data[1] image = oauth_data[2] local_access_token = '' user = User.query.filter_by(email=email).first() if user is None: user = User(name=name, email=email, imageUrl=image, password=None, role=UserRoles.NORMAL) try: db.session.add(user) db.session.commit() except Exception as ex: db.session.rollback() raise ex serialized_user = super(User, user).as_dict() local_access_token = create_access_token(identity=serialized_user) local_refresh_token = create_refresh_token(identity=serialized_user) return { 'access_token': local_access_token, 'refresh_token': local_refresh_token, 'user_id': user.id, 'code': 200 }, 200
def post(self): username = request.form.get('username', None) password = request.form.get('password', None) result = ConnectionModel.connect("user_info").find_one( {"username": username}) print(result) if not username: return jsonify({"message": "Username can't be kept empty"}) if not password: return jsonify({"message": "password can't be kept empty"}) if username and safe_str_cmp(result['password'], password): access_token = create_access_token(identity=username) refresh_token = create_refresh_token(identity=username) # Set the JWT cookies in the response resp = jsonify({"login": True}) print(type(resp)) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) return make_response(resp)
def novo_usuario(): session = current_app.db.session data = request.get_json() nome = data.get("nome") email = data.get("email") password = data.get("senha") usuario = UserModel(nome=nome, email=email, usuario_pontos=0) usuario.password = password access_token = create_access_token(identity=usuario.id, expires_delta=timedelta(days=5)) fresh_token = create_refresh_token(identity=usuario.id, expires_delta=timedelta(days=15)) session.add(usuario) session.commit() serialized = usario_serializer(usuario.id) return serialized, HTTPStatus.CREATED
def post(self): try: data = parser.parse_args() current_user = User.query.filter( User.username == data['username']).first() if not current_user: return {"error": "User not in DB. Register as a new user"} password = hashlib.md5(data['password'].encode()).hexdigest() if current_user.password == password: access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return { 'username': current_user.username, 'access_token': access_token, 'refresh_token': refresh_token } else: return {'error': 'Wrong credentials'} except: raise Exception("Cannot login user")
def post(self): data = _user_parser.parse_args() gestor = GestorModel.find_by_email(data['email']) # this is what the `authenticate()` function did in security.py if gestor and safe_str_cmp(gestor.password, data['password']): # identity= is what the identity() function did in security.py—now stored in the JWT access_token = create_access_token(identity2=gestor.id, fresh=True) refresh_token = create_refresh_token(gestor.id) return { 'access_token': access_token, 'refresh_token': refresh_token, 'username': gestor.username, 'id_gestor': gestor.id, 'tipo': gestor.tipo, 'message': 'dsfsdfsdf', 'msg': 'ok', 'st': '1' }, 200 return {"message": "Usuário ou senha inválido!"}, 401
def post(self): data = request.form data2 = json.dumps(data) data3 = json.loads(data2) email = data3["email"] password = data3["password"] user = User.get_by_email(email=email) if not user or not check_password(password, user.password): return { 'message': 'Email or password is incorrect' }, HTTPStatus.UNAUTHORIZED access_token = create_access_token(identity=user.username) refresh_token = create_refresh_token(identity=user.username) resp = make_response(redirect(url_for('dashboard'))) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) return resp
def login(args): """Log in to this server, receiving an authentication token in response.""" username = args['username'] password = args['password'] login = Login.query.filter_by(username=username).first() if login is None or not login.check_password(password): # Best security practice is to avoid telling a user whether # the username or password is incorrect. raise APIError(401, "Invalid username or password") login.last_login = datetime.now() login.last_action = datetime.now() db.session.add(login) db.session.commit() token = create_access_token(username) refresh = create_refresh_token(username) return jsonify(access_token=token, refresh_token=refresh, role=login.role.name), 200
def post(self): data = register_parser.parse_args() if models.UserModel.find_by_username(data['username']): return {'message': '{} exists'.format(data['username'])} new_user = models.UserModel( username=data['username'], password=models.UserModel.generate_hash(data['password']), name=data['name'] ) try: new_user.save_to_db() a_token = create_access_token(identity=data['username']) r_token = create_refresh_token(identity=data['username']) return { 'access_token': a_token, 'refresh_token': r_token, 'name': new_user.name } except: return {'message': 'Register Error'}, 500
def post(self): args = login_parser.parse_args() if len(args['userid']) > 100: return { 'message': 'username or email should be ' 'less than 100 characters' }, 400 try: cursor = mysql.get_db().cursor() sql = ''' SELECT user.id, password, username FROM user JOIN email ON user.id = email.user_id WHERE email.address = %s or user.username = %s ''' cursor.execute(sql, (args['userid'], args['userid'])) result = cursor.fetchone() except OperationalError as e: return error_resp(e) if not result: return ({'message': 'incorrect userid/password combination'}, 409) user_id, password, username = result if bcrypt.check_password_hash(password.decode('utf-8'), args['password']): access_token = create_access_token(identity=user_id) refresh_token = create_refresh_token(identity=user_id) resp_body = { 'message': f'username {username} ' f'logged in successfully' } resp = jsonify(resp_body) set_access_cookies(resp, access_token) set_refresh_cookies(resp, refresh_token) return resp return ({'message': 'incorrect userid/password combination'}, 409)
def post(self): data = parser.parse_args() new_user = UserModel(username=data['username'], password=UserModel.generate_hash( data['password'])) try: if UserModel.find_by_username(data['username']): return { 'message': 'User {} already exists'.format(data['username']) }, 401 new_user.save_to_db() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return { 'message': 'User {} was created'.format(data['username']), 'access_token': access_token, 'refresh_token': refresh_token }, 200 except Exception as e: logger.error(f"There was an error: {e}") return {'message': 'Something went wrong'}, 500
def post(self): data = parser.parse_args() if UserModel.find_by_username(data['username']): return {'message': 'User {} already exists'.format(data['username'])} new_user = UserModel( username=data['username'], password=UserModel.generate_hash(data['password']) ) try: new_user.save_to_db() access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return { 'message': 'User {} was created'.format(data['username']), 'access_token': access_token, 'refresh_token': refresh_token } except: return {'message': 'Something went wrong'}, 500
def post(self): data = parser.parse_args() current_user = UserModel.find_by_username(data['username']) print(data) if not current_user: return { 'message': 'User {} doesn\'t exist'.format(data['username']) } if UserModel.verify_hash(data['password'], current_user.password): access_token = create_access_token(identity=data['username']) refresh_token = create_refresh_token(identity=data['username']) return json.dumps({ 'message': 'Logged in as {}'.format(current_user.username), 'access_token': access_token, 'refresh_token': refresh_token }) else: return {'message': 'Wrong credentials'}
def login(): email=request.json.get('email','') password=request.json.get('password','') user=User.query.filter_by(email=email).first() if user: pass_correct=check_password_hash(user.password,password) if pass_correct: access_token = create_access_token(identity=user.id) refresh_token = create_refresh_token(identity=user.id) return jsonify({'user':{ 'username':user.username, 'email':user.email, 'token':access_token, 'refresh_token':refresh_token, }}),HTTP_200_OK return jsonify({ 'message':"Invalid credentials", }),HTTP_401_UNAUTHORIZED
def login(): data = jsonify({'Authorized' : completion}) resp = get_response(data) if request.method == 'POST': json = request.json username = json.get("email") password = json.get("password") global completion completion = auth.authenticate(username, password) if completion == False: data = jsonify({'Authorized' : completion, "msg": "Bad username or password"}) return get_response(data), 401 data = jsonify({ 'Authorized' : completion, 'access_token' : create_access_token(identity=username), 'refresh_token' : create_refresh_token(identity=username) }) return get_response(data), 200 return resp
def login(username, password): if username is not None and password is not None: db_user = db.run( "MATCH (n:Person) WHERE n.email={username} RETURN n.name AS name, n.email AS email, n.password AS password, ID(n) AS user_id", {"username": username}) for person in db_user: if sha256_crypt.verify(password, person['password']): return {"access_token": create_access_token(identity=username), "refresh_token": create_refresh_token(identity=username), "user_id": person["user_id"]} raise AuthError("Username or password is incorrect") else: raise AuthError("Username and Password are required") raise AuthError("Authentication failed")
def login(self): """Login endpoint for the API returns a JWT and optionally a refresh token --- post: requestBody: required: true content: application/json: schema: type: object properties: username: type: string password: type: string provider: type: string enum: - db - ldap refresh: type: boolean responses: 200: description: Authentication Successful content: application/json: schema: type: object properties: access_token: type: string refresh_token: type: string 400: $ref: '#/components/responses/400' 401: $ref: '#/components/responses/401' 500: $ref: '#/components/responses/500' """ if not request.is_json: return self.response_400(message="Request payload is not JSON") username = request.json.get(API_SECURITY_USERNAME_KEY, None) password = request.json.get(API_SECURITY_PASSWORD_KEY, None) provider = request.json.get(API_SECURITY_PROVIDER_KEY, None) refresh = request.json.get(API_SECURITY_REFRESH_KEY, False) if not username or not password or not provider: return self.response_400(message="Missing required parameter") # AUTH if provider == API_SECURITY_PROVIDER_DB: user = self.appbuilder.sm.auth_user_db(username, password) elif provider == API_SECURITY_PROVIDER_LDAP: user = self.appbuilder.sm.auth_user_ldap(username, password) else: return self.response_400( message="Provider {} not supported".format(provider) ) if not user: return self.response_401() # Identity can be any data that is json serializable resp = dict() resp[API_SECURITY_ACCESS_TOKEN_KEY] = create_access_token( identity=user.id, fresh=True ) if refresh: resp[API_SECURITY_REFRESH_TOKEN_KEY] = create_refresh_token( identity=user.id ) return self.response(200, **resp)