async def get_access_token(
db: Session = Depends(deps.get_db),
*,
user: schemas.UserLoginForm,
Authorize: AuthJWT = Depends(),
) -> dict:
user = crud.user.authenticate(
db,
email=user.email,
password=user.password,
)
if not user:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=AuthError.INCORRECT_CREDS,
)
elif not crud.user.is_active(user):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=AuthError.INACTIVE_USER,
)
access_token = Authorize.create_access_token(subject=user.email)
refresh_token = Authorize.create_refresh_token(subject=user.email)
return {
'access_token': access_token,
'refresh_token': refresh_token,
'token_type': 'bearer',
}
def get_cookie(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject='test',fresh=True)
refresh_token = Authorize.create_refresh_token(subject='test')
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg":"Successfully login"}
async def refresh(user: User = Depends(get_active_user_from_cookie),
Authorize: AuthJWT = Depends()):
try:
# set the user group
if user.account_type == 'admin':
user_claims = {'admin': True}
admin_logger.info(f"Admin refresh token: {user.email}")
elif user.account_type == 'filer':
user_claims = {'filer': True}
user_logger.info(f"User refresh token: {user.email}")
elif user.account_type == 'public':
user_claims = {'public': True}
user_logger.info(f"Public refresh token: {user.email}")
access_token = Authorize.create_access_token(subject=user.email,
user_claims=user_claims)
refresh_token = Authorize.create_refresh_token(subject=user.email,
user_claims=user_claims)
Authorize.set_refresh_cookies(refresh_token)
return {"success": True, "access_token": access_token}
except Exception as e:
logger.exception(traceback.format_exc())
handle_exc(e)
async def login_user(user_data: dict, Authorize: AuthJWT) -> dict:
user = await user_collection.find_one(
{'user_name': user_data['user_name']})
user_id = user['_id']
user_name = user['user_name']
# print(user_id)
# print(user_name)
# expiratiom of tokens
access_token_expire = datetime.timedelta(minutes=15)
refresh_token_expire = datetime.timedelta(days=1)
if (user is None) or (not auth_handler.get_verify_password(
user_data['password'], user['password'])):
raise HTTPException(status_code=401,
detail='Invalid username and/or password')
access_token = Authorize.create_access_token(
subject=user['user_name'], expires_time=access_token_expire)
refresh_token = Authorize.create_refresh_token(subject=user['user_name'])
# refresh_token = Authorize.create_refresh_token(
# subject=user['user_name'], expires_time=refresh_token_expire)
return {
'access_token': access_token,
'refresh_token': refresh_token,
'user_name': str(user_name),
'_id': str(user_id)
}
def login(
user: schemas.UserCreate,
db: Session = Depends(get_db),
Authorize: AuthJWT = Depends(),
):
crud.prune_blacklist(db)
_user = (db.query(models.User).filter(
models.User.username == user.username.casefold()).first())
if _user is not None and crud.verify_password(user.password,
_user.hashed_password):
# Create Tokens
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Assign cookies
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {
"login": "******",
"username": _user.username,
"access_token": access_token,
}
else:
raise HTTPException(status_code=400,
detail="Invalid Username or Password.")
def all_token_response(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
response = JSONResponse(content={"msg": "all token"})
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def get_token(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"access": access_token, "refresh": refresh_token}
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
return {"access_token": access_token, "refresh_token": refresh_token}
def create_token_for_user(Authorize: AuthJWT, user_id: str) -> Dict:
response = RedirectResponse(
f'{Config["routes"]["client"]}/login_callback?user_id={user_id}')
access_token = Authorize.create_access_token(subject=user_id)
refresh_token = Authorize.create_refresh_token(subject=user_id)
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != 'test' or user.password != 'test':
raise HTTPException(status_code=401, detail='Bad username or password')
ret = {
'access_token': Authorize.create_access_token(identity=user.username),
'refresh_token': Authorize.create_refresh_token(identity=user.username)
}
return ret
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# You can define different algorithm when create a token
access_token = Authorize.create_access_token(subject=user.username,
algorithm="HS384")
refresh_token = Authorize.create_refresh_token(subject=user.username,
algorithm="HS512")
return {"access_token": access_token, "refresh_token": refresh_token}
def create_access_and_refresh_tokens(user_id: str, Authorize: AuthJWT):
try:
access_token = Authorize.create_access_token(subject=user_id)
Authorize.set_access_cookies(access_token)
refresh_token = Authorize.create_refresh_token(subject=user_id)
Authorize.set_refresh_cookies(refresh_token)
except:
raise HTTPException(
status_code=500,
detail=f"Error while trying to create and refresh tokens")
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
expires = datetime.timedelta(days=1)
refresh_expires = datetime.timedelta(days=2)
access_token = Authorize.create_access_token(subject=user.username,
expires_time=expires)
refresh_token = Authorize.create_refresh_token(
subject=user.username, expires_time=refresh_expires)
return {"access_token": access_token, "refresh_token": refresh_token}
def login(user: User, Authorize: AuthJWT = Depends()):
msg = password_check(user.password)
if len(msg) >= 1:
raise HTTPException(status_code=401,detail=msg)
# subject identifier for who this token is for example id or username from database
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg":"Successfully login"}
def login(user: User):
if user.username != 'test' or user.password != 'test':
raise HTTPException(status_code=401, detail='Bad username or password')
# Use create_access_token() and create_refresh_token() to create our
# access and refresh tokens
ret = {
'access_token': AuthJWT.create_access_token(identity=user.username),
'refresh_token': AuthJWT.create_refresh_token(identity=user.username)
}
return ret
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# Create the tokens and passing to set_access_cookies or set_refresh_cookies
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
def auth_jwt_encode_user(
auth_jwt: AuthJWT,
user: Optional[User] = None,
oauth: Optional[OAuth2Profile] = None,
oauth_name: Optional[str] = None,
fresh: bool = True,
) -> Tuple[str, str]:
if user is None and oauth is None:
raise UnauthorizedError(
"At least one of user and oauth2_profile should be provided."
)
if user is not None and oauth is not None:
raise UnauthorizedError(
"At most one of user and oauth2_profile should be provided."
)
if user is not None:
subject = str(user.id)
user_claims = JWTUserClaims(
category="user",
username=user.username,
email=user.email,
gravatar=user.gravatar,
student_id=user.student_id,
real_name=user.real_name,
role=user.role,
oauth_name=oauth_name,
is_active=user.is_active,
)
elif oauth is not None:
subject = str(oauth.account_id)
user_claims = JWTUserClaims(
category="oauth",
username=oauth.account_name,
email=oauth.account_email,
gravatar="",
student_id=oauth.student_id,
real_name=oauth.real_name,
oauth_name=oauth.oauth_name,
is_active=False,
)
else:
assert False
access_token = auth_jwt.create_access_token(
subject=subject,
user_claims=user_claims.dict(by_alias=True),
fresh=fresh,
)
refresh_token = auth_jwt.create_refresh_token(
subject=subject, user_claims={"oauthName": user_claims.oauth_name}
)
return access_token, refresh_token
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
"""
create_access_token supports an optional 'fresh' argument,
which marks the token as fresh or non-fresh accordingly.
As we just verified their username and password, we are
going to mark the token as fresh here.
"""
access_token = Authorize.create_access_token(subject=user.username,
fresh=True)
refresh_token = Authorize.create_refresh_token(subject=user.username)
return {"access_token": access_token, "refresh_token": refresh_token}
def test_refresh_required(client):
url = '/jwt-refresh-required'
# only refresh token allowed
token = AuthJWT.create_access_token(identity='test')
response = client.get(
url, headers={"Authorization": f"Bearer {token.decode('utf-8')}"})
assert response.status_code == 422
assert response.json() == {'detail': 'Only refresh tokens are allowed'}
token = AuthJWT.create_refresh_token(identity='test')
response = client.get(
url, headers={"Authorization": f"Bearer {token.decode('utf-8')}"})
assert response.status_code == 200
assert response.json() == {'hello': 'world'}
def login(
form_data: schemas.User_login,
db: Session = Depends(get_db),
Authorize: AuthJWT = Depends(),
):
status = crud.compare_password(db, form_data)
if not status:
raise HTTPException(status_code=400,
detail="Incorrect username or password")
access_token = Authorize.create_access_token(subject=form_data.email)
refresh_token = Authorize.create_refresh_token(subject=form_data.email)
return {"access_token": access_token, "refresh_token": refresh_token}
def user_login(credentials: Credentials,
Authorize: AuthJWT = Depends(),
db: Database = Depends(mysql_connection)):
Authorize.jwt_optional()
print(credentials)
if not db.is_user_registred(credentials.email, credentials.password):
raise HTTPException(status_code=401, detail="Bad credentials")
access_token = Authorize.create_access_token(subject=credentials.email)
refresh_token = Authorize.create_refresh_token(subject=credentials.email)
response = JSONResponse(
{"user_id": db.find_user_by_email(credentials.email)[0]})
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
async def refresh_tokens(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
jti = Authorize.get_raw_jwt()['jti']
access_token = Authorize.create_access_token(subject=current_user)
refresh_token = Authorize.create_refresh_token(subject=current_user)
if not DEBUG_LOGIN:
app.state.redis.revoke_tokens(jti)
app.state.redis.save_tokens(Authorize.get_jti(access_token), Authorize.get_jti(refresh_token))
return {"access_token": access_token, "refresh_token": refresh_token, "result": True}
def login(user: User):
if user.username != 'test' or user.password != 'test':
raise HTTPException(status_code=401, detail='Bad username or password')
# create_access_token supports an optional 'fresh' argument,
# which marks the token as fresh or non-fresh accordingly.
# As we just verified their username and password, we are
# going to mark the token as fresh here.
ret = {
'access_token':
AuthJWT.create_access_token(identity=user.username, fresh=True),
'refresh_token':
AuthJWT.create_refresh_token(identity=user.username)
}
return ret
def login(user: User, Authorize: AuthJWT = Depends()):
"""
With authjwt_cookie_csrf_protect set to True, set_access_cookies() and
set_refresh_cookies() will now also set the non-httponly CSRF cookies
"""
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# Create the tokens and passing to set_access_cookies or set_refresh_cookies
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT and CSRF double submit cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
async def login(user: UserLogin, res: Response, Authorize: AuthJWT = Depends(auth_token)):
user_exists = await UserFetch.filter_by_email(user.email)
if (
user_exists and
UserLogic.check_user_password(password=user.password,hashed_pass=user_exists.password)
):
access_token = Authorize.create_access_token(identity=user_exists.id,fresh=True)
refresh_token = Authorize.create_refresh_token(identity=user_exists.id)
return {
"access_token": access_token,
"refresh_token": refresh_token,
"username": user_exists.username
}
res.status_code = 422
return {"message":"Invalid credential"}
async def login(credentials: OAuth2PasswordRequestForm = Depends(),
Authorize: AuthJWT = Depends()):
user = await M.user_db.authenticate(credentials)
if user is None or not user.is_active:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ErrorCode.LOGIN_BAD_CREDENTIALS,
)
# raise HTTPException(status_code=401, detail="Bad username or password")
"""
create_access_token supports an optional 'fresh' argument,
which marks the token as fresh or non-fresh accordingly.
As we just verified their username and password, we are
going to mark the token as fresh here.
"""
access_token = Authorize.create_access_token(subject=str(user.id),
fresh=True)
refresh_token = Authorize.create_refresh_token(subject=str(user.id))
return {"access_token": access_token, "refresh_token": refresh_token}
async def login(request: Request, user: Login, Authorize: AuthJWT = Depends()):
# """
# create access and refresh token and save it as
# httponly cookie
# """
# query = USER.select().where(USER.c.email == user.email)
# data = await database.fetch_one(query)
data = await UserSchema.get(user.email)
if data == None or user.email != data['email'] or user.password != data[
'password']:
raise HTTPException(status_code=401, detail="Bad username or password")
token = Authorize.create_access_token(subject=user.email)
refresh_token = Authorize.create_refresh_token(subject=user.email)
Authorize.set_access_cookies(token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
def login(
email: str = Body(...),
password: str = Body(...),
Authorize: AuthJWT = Depends(),
db: Session = Depends(get_db),
):
dbuser = userCRUD.authenticate(db, email=email, password=password)
if not dbuser:
raise HTTPException(status_code=401, detail="Failed to Authenticate")
refresh_token = Authorize.create_refresh_token(subject=dbuser.id)
access_token = Authorize.create_access_token(subject=dbuser.id,
user_claims={
"username":
dbuser.username,
"email": dbuser.email,
})
Authorize.set_refresh_cookies(refresh_token)
return {"access_token": access_token}
def obtain_token(user, db):
"""
- Authenticate and generate JWT token using valid username and password
"""
db_user = manager.get_user_by_username(db, username=user.username)
if db_user is None:
raise HTTPException(status_code=400, detail="Username not existed")
else:
is_password_correct = manager.check_username_password(db, user)
if is_password_correct is False:
raise HTTPException(status_code=400,
detail="Password is not correct")
else:
access_token = AuthJWT.create_access_token(identity=user.username)
refresh_token = AuthJWT.create_refresh_token(
identity=user.username)
return {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "Bearer"
}
def login(user: LoginScheme, Authorize: AuthJWT = Depends()):
registered_user = UsersCollection.get_one_obj({"email": user.email})
if registered_user:
password_correct = UsersCollection.verify_password(
user.password, registered_user['password'])
if password_correct:
access_token = Authorize.create_access_token(
subject=registered_user['email'])
refresh_token = Authorize.create_refresh_token(
subject=registered_user['email'])
if not DEBUG_LOGIN:
app.state.redis.save_tokens(Authorize.get_jti(access_token),
Authorize.get_jti(refresh_token))
return {
"access_token": access_token,
"refresh_token": refresh_token,
"result": True,
"user_id": str(registered_user["_id"]),
"role": registered_user["role"]
}
return {"result": False, "msg": "Invalid credentials"}
