Ejemplo n.º 1
def _load_user(identity):
    """Resolve *identity* through the user loader and cache the result.

    Does nothing when ``has_user_loader()`` is false. Otherwise the object
    returned by ``user_loader(identity)`` is stored on
    ``ctx_stack.top.jwt_user``.

    Raises:
        UserLoadError: the loader returned ``None`` for this identity.
    """
    if not has_user_loader():
        return

    loaded = user_loader(identity)
    if loaded is None:
        # A None result is an error rather than "anonymous", so a token whose
        # identity no longer resolves is not silently accepted.
        raise UserLoadError("user_loader returned None for {}".format(identity))
    ctx_stack.top.jwt_user = loaded
Ejemplo n.º 2
def verify_jwt_token(encoded_token, token_type):
    """Validate an encoded JWT and check that its identity resolves to a user.

    The token is decoded, then checked in order for token type, blacklist
    status and claims. Each of those helpers is expected to raise on failure.

    Args:
        encoded_token: The raw token string, or ``None`` when the caller
            found no token.
        token_type: The type passed to the type check and the blacklist check.

    Raises:
        NoAuthorizationError: ``encoded_token`` is ``None``.
        UserLoadError: a user loader is configured and returned ``None``.
    """
    from flask_jwt_extended import utils as jwt_utils
    from flask_jwt_extended.config import config as jwt_config
    from flask_jwt_extended.exceptions import NoAuthorizationError, UserLoadError

    # NOTE(review): the message implies the token arrives as a query
    # parameter. Values in URLs commonly end up in access logs, browser
    # history and Referer headers, so confirm that exposure is acceptable.
    if encoded_token is None:
        raise NoAuthorizationError('Missing "access_token" query parameter')

    claims = decode_token(encoded_token)

    # Order matters: each check may raise, and the first failure wins.
    jwt_utils.verify_token_type(claims, expected_type=token_type)
    jwt_utils.verify_token_not_blacklisted(claims, token_type)
    jwt_utils.verify_token_claims(claims)

    identity = claims[jwt_config.identity_claim_key]
    # The loader runs only when one is configured. In the visible code its
    # result is used solely to reject identities that resolve to no user.
    if jwt_utils.has_user_loader() and jwt_utils.user_loader(identity) is None:
        raise UserLoadError(
            "user_loader returned None for {}".format(identity))
Ejemplo n.º 3
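    def is_accessible(self):
        """Decide whether the current request may open this admin view.

        The JWT is taken from the ``jwt`` query argument or, when that is
        empty, from the value of the first key/value pair parsed out of the
        ``url`` query argument. The token is decoded, checked against the
        blacklist, and stored on ``ctx_stack.top.jwt``. The identity it
        carries must then map to a ``UserModel`` row whose ``admin`` attribute
        is truthy.

        Returns:
            bool: ``True`` only when every step succeeds and the user is an
            admin. Any exception is logged at CRITICAL level and treated as
            a denial, so the check fails closed.
        """
        try:
            # NOTE(review): a token carried in the query string is commonly
            # recorded in access logs, browser history and Referer headers.
            # Confirm token lifetime and log handling account for that.
            token = request.args.get("jwt")
            if not token:
                # Takes the value of the first pair, whatever its key is. A
                # missing or empty "url" argument raises here and is denied
                # by the handler below.
                token = urllib.parse.parse_qsl(request.args.get("url"))[0][1]
            decoded_token = decode_token(token)
            # NOTE(review): only the blacklist is checked in this method and
            # no token-type check is visible. Confirm that a non-access token
            # cannot pass this gate.
            verify_token_not_blacklisted(decoded_token, request_type="access")
            ctx_stack.top.jwt = decoded_token
            if has_user_loader():
                identity = ctx_stack.top.jwt["identity"]
                user = user_loader(identity)
                if user is None:
                    # Report the identity that failed to load. Formatting
                    # `user` here would always print "None".
                    raise UserLoadError(
                        "user_loader returned None for {}".format(identity))
                ctx_stack.top.jwt_user = user

            current_user = get_jwt_identity()
            # .one() raises unless exactly one row matches, which also denies
            # access through the handler below.
            is_admin = UserModel.query.filter_by(
                username=current_user).one().admin
            # Return a strict boolean, not the identity value or None.
            return bool(current_user and is_admin)
        except Exception as e:
            # Deliberately broad: any failure in an access check means "no".
            current_app.logger.critical("FAULTY ADMIN UI ACCESS: %s", str(e))
            return False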