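def login():
    """Authenticate a user from a JSON body and issue an access/refresh JWT pair.

    Expects ``{"username": ..., "password": ...}``. On success returns both
    tokens plus the serialized user; every failure returns one generic message
    so a caller cannot distinguish an unknown user from a wrong password.

    NOTE(review): the stored credential is compared directly against the
    submitted password, which means passwords appear to be kept in plaintext.
    They should be stored as a salted hash and verified with a dedicated
    checker (e.g. werkzeug's ``check_password_hash``); that needs a data-model
    change and is only flagged here.
    """
    import hmac

    # A missing or non-JSON body used to blow up on ``data.get`` (HTTP 500);
    # treat it like missing credentials instead.
    data = request.get_json(silent=True) or {}
    username = data.get("username", None)
    password = data.get("password", None)
    if not username or not password:
        return {"message": "Please enter username and password"}

    user = User.query.filter_by(username=username).first()

    # Constant-time comparison so response timing does not leak how many
    # leading characters of the guess were right. Both sides must be str;
    # other types are treated as a mismatch.
    stored = getattr(user, "password", None) if user is not None else None
    credentials_ok = (
        isinstance(stored, str)
        and isinstance(password, str)
        and hmac.compare_digest(stored.encode("utf-8"), password.encode("utf-8"))
    )
    if not credentials_ok:
        return {"message": "Wrong username or password"}

    access_token = create_access_token(identity=user.id,
                                       expires_delta=ACCESS_EXPIRES)
    refresh_token = create_refresh_token(identity=user.id,
                                         expires_delta=REFRESH_EXPIRES)
    # Record both tokens as not-revoked so they can be revoked later (logout).
    # The second argument is the user id here; confirm this matches the
    # parameter the TokenBlacklist implementation in use actually expects.
    TokenBlacklist.add_token_to_database(access_token, user.id)
    TokenBlacklist.add_token_to_database(refresh_token, user.id)
    return {
        "access_token": access_token,
        "refresh_token": refresh_token,
        "user": user_schema.dump(user),
    }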
def refresh():
    """Issue a fresh access/refresh token pair for the caller's JWT identity.

    The identity is taken from the presented token; an empty identity yields an
    error message instead of tokens. Both new tokens are written to the
    blacklist table as not-revoked so they can be revoked later.

    NOTE(review): the refresh token used to call this endpoint is not revoked
    here, so each refresh leaves one more live refresh token for the user.
    Rotating (revoking the presenting token's jti) is worth considering.
    """
    identity = get_jwt_identity()
    if not identity:
        return {"message": "User not exists"}

    issued = {
        "access_token": create_access_token(identity=identity,
                                            expires_delta=ACCESS_EXPIRES),
        "refresh_token": create_refresh_token(identity=identity,
                                              expires_delta=REFRESH_EXPIRES),
    }
    # Same order as issuance: access token first, then refresh token.
    for encoded in issued.values():
        TokenBlacklist.add_token_to_database(encoded, identity)
    return issued
def add_token_to_database(encoded_token, identity_claim):
    """Insert *encoded_token* into the blacklist table as a not-yet-revoked row.

    Args:
        encoded_token: the encoded JWT as returned by ``create_*_token``.
        identity_claim: name of the JWT claim holding the user identity.
    """
    claims = decode_token(encoded_token)
    row = TokenBlacklist(
        claims["jti"],
        claims["type"],
        claims[identity_claim],
        False,  # revoked: a freshly issued token starts out live
        _epoch_utc_to_datetime(claims["exp"]),
    )
    db.session.add(row)
    db.session.commit()
def add_token_to_database(encoded_token, identity_claim):
    """Persist a freshly issued JWT so it can be revoked later.

    The row starts out with ``revoked=False``; ``expires`` is derived from the
    token's ``exp`` claim so expired rows can be pruned.

    Args:
        encoded_token: the encoded JWT string.
        identity_claim: name of the claim carrying the user identity.
    """
    claims = decode_token(encoded_token)
    jti, token_type = claims['jti'], claims['type']
    identity = claims[identity_claim]
    expires_at = _epoch_utc_to_datetime(claims['exp'])

    db.session.add(TokenBlacklist(
        jti=jti,
        token_type=token_type,
        user_identity=identity,
        expires=expires_at,
        revoked=False,
    ))
    db.session.commit()
def remove_token_expiry():
    """Prune expired rows from the blacklist table.

    Runs under an application context — presumably so it can be invoked
    outside a request (e.g. from a scheduler). The actual deletion is
    delegated to ``TokenBlacklist.prune_database``.
    """
    app_ctx = db.app.app_context()
    with app_ctx:
        TokenBlacklist.prune_database()
def check_if_token_is_revoked(decrypted_token):
    """Revocation callback: look the presented token up in the blacklist.

    ``decrypted_token`` is presumably the already-decoded claims; the verdict
    comes entirely from ``TokenBlacklist.is_token_revoked``.

    NOTE(review): whether a token with no row at all is treated as revoked
    (fail-closed) depends on is_token_revoked — worth confirming.
    """
    revoked = TokenBlacklist.is_token_revoked(decrypted_token)
    return revoked
def logout():
    """Revoke the JWT presented with the current request.

    Only the presented token's ``jti`` is revoked. If that is an access token,
    the refresh token issued alongside it (a separate jti) is presumably still
    usable until it expires or is revoked separately — a full logout would need
    to revoke both.
    """
    current_jti = get_raw_jwt()['jti']
    TokenBlacklist.revoke_token(current_jti)
    return {"message": "Logout success"}