def login():
"""Authenticate user and return token
"""
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
username = request.json.get('username', None)
password = request.json.get('password', None)
if not username or not password:
return jsonify({"msg": "Missing username or password"}), 400
user = User.query.filter_by(username=username).first()
if user is None or not pwd_context.verify(password, user.password):
return jsonify({"msg": "Bad credentials"}), 400
access_token = create_access_token(identity=user.id)
refresh_token = create_refresh_token(identity=user.id)
add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM'])
add_token_to_database(refresh_token, app.config['JWT_IDENTITY_CLAIM'])
ret = {
'access_token': access_token,
'refresh_token': refresh_token
}
return jsonify(ret), 200
def refresh(self):
"""
Security endpoint for the refresh token, so we can obtain a new
token without forcing the user to login again
---
post:
responses:
200:
description: Refresh Successful
content:
application/json:
schema:
type: object
properties:
refresh_token:
type: string
401:
$ref: '#/components/responses/401'
500:
$ref: '#/components/responses/500'
"""
resp = {
API_SECURITY_REFRESH_TOKEN_KEY: create_access_token(
identity=get_jwt_identity(), fresh=False
)
}
return self.response(200, **resp)
def refresh():
current_user = get_jwt_identity()
try:
return makeResponse(payload={'access_token': create_access_token(identity=current_user)})
except Exception as e:
return makeResponse(error=e)
def post(self):
"""Refresh access token"""
email = get_jwt_identity()
try:
user = User.objects.get(email=email)
except User.DoesNotExist:
abort(403, 'No such user, or wrong password')
if not user.active:
abort(403, 'No such user, or wrong password')
access_expire = current_app.config['JWT_ACCESS_TOKEN_EXPIRES']
access_token = create_access_token(identity=user.email)
refresh_expire_date = datetime.strptime(
request.cookies['refreshExpire'],
'%Y-%m-%d %H:%M:%S.%f'
)
refresh_delta = refresh_expire_date - datetime.now()
resp = jsonify(
{
'access': access_token,
'accessExpire': int(access_expire.total_seconds()),
'refreshExpire': int(refresh_delta.total_seconds()),
}
)
set_access_cookies(resp, access_token)
return resp
def login():
'''Route to login'''
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
data = request.get_json()
username = data.get('username')
password = data.get('password')
dict_data = {'username': username, 'password': password}
if validate.val_none(**dict_data):
result = validate.val_none(**dict_data)
return jsonify(result), 406
if validate.empty(**dict_data):
result = validate.empty(**dict_data)
return jsonify(result), 406
person = User.users.items()
existing_user = {
k: v for k, v in person if data['username'] == v['username']}
if existing_user:
valid_user = [v for v in existing_user.values()
if check_password_hash(v['password'], password)]
if valid_user:
access_token = create_access_token(
identity=username)
if access_token:
response = {
'message': 'You are logged in successfully',
'access_token': access_token
}
return make_response(jsonify(response)), 200
else:
return jsonify({'message': 'Wrong password'}), 400
else:
return jsonify({'message': 'Non-existent user. Try signing up'}), 404
def login():
"""
Login the user using their Active Directory credentials.
:rtype: flask.Response
"""
req_json = request.get_json(force=True)
_validate_api_input(req_json, 'username', string_types)
_validate_api_input(req_json, 'password', string_types)
ad = adreset.ad.AD()
ad.login(req_json['username'], req_json['password'])
username = ad.get_loggedin_user()
guid = ad.get_guid(username)
user = User.query.filter_by(ad_guid=guid).first()
# If the user doesn't exist in the database, this must be their first time logging in,
# therefore, an entry for that user must be added to the database
if not user:
ad.log('debug', 'The user doesn\'t exist in the database, so it will be created')
user = User(ad_guid=guid)
db.session.add(user)
db.session.commit()
ad.log('debug', 'The user was successfully created in the database')
# The token's identity has the user's GUID since that is unique across the AD Forest and won't
# change if the account gets renamed
token = create_access_token(identity={'guid': user.ad_guid, 'username': username})
return jsonify({'token': token})
def login():
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
uname = form.username.data
hpassword = form.password.data
if not uname or not hpassword:
return jsonify({"msg": "The login form was not filled in correctly!"}), 400
else:
found_usr = False
for u in users:
if u.username == uname:
if check_password_hash(u.password, hpassword): ## stored, hashed pwd first; human entered pwd second
found_usr = True
mung = {
'access_token': create_access_token(identity=uname),
'refresh_token': create_refresh_token(identity=uname)
}
return redirect(url_for('protected', current_user=jsonify(mung), status=200))
else:
flash('The password is wrong. Remember that it is case sensitive!')
return redirect(url_for('login'))
if found_usr == False:
flash('The username is not on file. Maybe you have not registered yet?')
return redirect(url_for('login'))
return render_template('login.html', form=form)
def _authenticate_and_grant_tokens(json_in, with_refresh=False):
username = json_in.get('username', None)
password = json_in.get('password', None)
if not (username and password):
return invalid_username_password_problem
user = User.query.filter_by(username=username).first()
if user is None:
return invalid_username_password_problem
try:
password = password.encode('utf-8')
except UnicodeEncodeError:
return invalid_username_password_problem
if not user.active:
return user_deactivated_problem
if user.verify_password(password):
response = {'access_token': create_access_token(identity=user.id, fresh=True)}
if with_refresh:
user.login(request.environ.get('HTTP_X_REAL_IP', request.remote_addr))
db.session.commit()
response['refresh_token'] = create_refresh_token(identity=user.id)
return response, OBJECT_CREATED
else:
return invalid_username_password_problem
def loginUser():
# If the HTTP Request is a 'GET' request
if request.method == 'POST':
# Show that a GET request is being recieved
print("\n - POST REQUEST RECIEVED - \n")
print("\n - In Route '/Login' - \n")
loginData = request.get_json(force=True)
# See json format
jsonData = loginData['params']
# Pass the jsonData into our function to validate it
jsonData = validateRequest(jsonData)
print(jsonData)
# If the data is in the correct format
if jsonData['ok']:
jsonData = jsonData['data']
user = mongo.db.Users.find_one({'email': jsonData['email']})
print(jsonData)
global currentEmail
currentEmail = jsonData['email']
print(currentEmail)
try:
# If the users password is correct
if user and flask_bcrypt.check_password_hash(user['password'],jsonData['password']):
print("Details correct!")
# Delete their password and give them an access token
del user['password']
access_token = create_access_token(identity=jsonData)
refresh_token = create_refresh_token(identity=jsonData)
user['token'] = access_token
user['refresh'] = refresh_token
# Return the information as JSON with status code 200
return jsonify({'ok': True, 'data': user, 'message': 'Record exists.. Creating access token and Logging in..'}), 200
else:
raise ValueError("Invalid Salt")
print('Caught this error: ' + repr(error))
except Exception as error:
# If the list is empty due to an error with login details, motify the user
return jsonify({'ok': False, 'message': 'Record does not exist. Please check log-in parameters.'}), 201
else:
# Return a bad request response in JSON if the paramaters are incorrect
return jsonify({'ok': False, 'message': 'Bad request parameters!'}), 202
def refresh():
current_user = get_jwt_identity()
access_token = create_access_token(identity=current_user)
ret = {
'access_token': access_token
}
add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM'])
return jsonify(ret), 200
def post(self):
username = request.json.get('username')
password = request.json.get('password')
user = authenticate(username, password)
if user is not None:
#token = user.generate_auth_token()
#return make_response(jsonify({'auth_token': token.decode('ascii')}), 200)
return make_response(jsonify({'auth_token': create_access_token(identity=username), 'success': 'true', 'profile': UserSchema().dump(user).data}), 200)
return abort(401, error="user not found")
def post(self):
"""
Get new token with valid token
"""
current_identity = import_user()
ret = {
'access_token': create_access_token(identity=current_identity)
}
return ret
def logged_in_headers(mock_user_ad):
"""Pytest fixture that creates a valid token for a user."""
# This is the GUID for "testuser2" which is a member of "ADReset Users"
guid = '10385a23-6def-4990-84a8-32444e36e496'
user = User(ad_guid=guid)
db.session.add(user)
db.session.commit()
token = create_access_token(identity={'guid': guid, 'username': '******'})
return {
'Authorization': 'Bearer {0}'.format(token),
'Content-Type': 'application/json'
}
def admin_logged_in_headers(mock_admin_ad):
"""Pytest fixture that creates a valid token for an admin."""
# This is the GUID for "testuser" which is a member of "ADReset Admins"
guid = '5609c5ec-c0df-4480-a94b-b6eb0fc4c066'
user = User(ad_guid=guid)
db.session.add(user)
db.session.commit()
token = create_access_token(identity={'guid': guid, 'username': '******'})
return {
'Authorization': 'Bearer {0}'.format(token),
'Content-Type': 'application/json'
}
def signin():
data = json.loads(request.data.decode('utf-8'))
username = data['username'] #request.json.get('username', None)
password = data['password'] # request.json.get('password', None)
if User.get_user_with_username_and_password(username, password) is None:
return jsonify({"msg": "Bad username or password"}), 401
# Identity can be any data that is json serializable
ret = {'access_token': create_access_token(identity=username),
'username': username}
return jsonify(ret), 200
def post(self):
"""
Get a new access token without requiring username and password—only the 'refresh token'
provided in the /login endpoint.
Note that refreshed access tokens have a `fresh=False`, which means that the user may have not
given us their username and password for potentially a long time (if the token has been
refreshed many times over).
"""
current_user = get_jwt_identity()
new_token = create_access_token(identity=current_user, fresh=False)
return {'access_token': new_token}, 200
def refresh(body=None, token_info=None, user=None):
current_user_id = get_jwt_identity()
user = User.query.filter(User.id == current_user_id).first()
if user is None:
revoke_token(get_raw_jwt())
return Problem(
UNAUTHORIZED_ERROR,
'Could not grant access token.',
'User {} from refresh JWT identity could not be found.'.format(current_user_id))
if user.active:
return {'access_token': create_access_token(identity=current_user_id, fresh=False)}, OBJECT_CREATED
else:
return user_deactivated_problem
def auth():
username = request.json.get('username', None)
password = request.json.get('password', None)
if username != 'admin' or password != pw:
return jsonify({"msg": "Bad username or password"}), 401
# Use create_access_token() and create_refresh_token() to create our
# access and refresh tokens
ret = {
'access_token': create_access_token(identity=username),
'refresh_token': create_refresh_token(identity=username)
}
return jsonify(ret), 200
def post(self):
data = _user_parser.parse_args()
user = UserModel.find_by_username(data['username'])
if user and safe_str_cmp(user.password, data['password']):
access_token = create_access_token(identity=user.id, fresh=True)
refresh_token = create_refresh_token(user.id)
return {
'access_token': access_token,
'refresh_token': refresh_token
}, 200
return {"message": "Invalid Credentials!"}, 401
def login(username, password):
if username is not None and password is not None:
db_user = db.run(
"MATCH (n:Person) WHERE n.email={username} RETURN n.name AS name, n.email AS email, n.password AS password, ID(n) AS user_id",
{"username": username})
for person in db_user:
if sha256_crypt.verify(password, person['password']):
return {"access_token": create_access_token(identity=username), "refresh_token": create_refresh_token(identity=username), "user_id": person["user_id"]}
raise AuthError("Username or password is incorrect")
else:
raise AuthError("Username and Password are required")
raise AuthError("Authentication failed")
def post(self):
"""
Get Json Web Token
"""
request_data = request.get_json()
username = request_data['username']
password = request_data['password']
user = User.query.filter_by(username=username).first()
if not user or not user.verify_password(password):
api.abort(code=401, message='Incorrect user or password')
ret = {'access_token': create_access_token(identity=user)}
return ret
def post(self):
data = _user_parser.parse_args()
user = UserModel.find_by_username(data['username'])
# this is what the `authenticate()` function did in security.py
if user and safe_str_cmp(user.password, data['password']):
# identity= is what the identity() function did in security.py—now stored in the JWT
access_token = create_access_token(identity=user.id, fresh=True)
refresh_token = create_refresh_token(user.id)
return {
'access_token': access_token,
'refresh_token': refresh_token
}, 200
return {"message": "Invalid Credentials!"}, 401
def post(self):
# global options
data = Authentication.parser.parse_args()
username = data['username']
password = data['password']
current_path = os.path.dirname(os.path.realpath(__file__))
options = utils.reading_json(current_path + '/storages/options.json')
if username == options.get('USERNAME'):
if password == options.get('PASSWORD'):
expires = datetime.timedelta(days=365)
token = create_access_token(username, expires_delta=expires)
return {'access_token': token}
return {'error': "Credentials Incorrect"}
def home():
"""Home page."""
form = LoginForm(request.form)
# Handle logging in
if request.method == 'POST':
if form.validate_on_submit():
login_user(form.user)
flash('You are logged in.', 'success')
# acquire rest api token
session['token'] = create_access_token(identity=form.user.id)
current_app.logger.debug('grant user {} rest api token {}'.format(form.user, session['token']))
redirect_url = request.args.get('next') or url_for('provider.apps')
return redirect(redirect_url)
else:
flash_errors(form)
return render_template('public/home.html', form=form)
def signup():
data = json.loads(request.data.decode('utf-8'))
username = data['username'] #request.json.get('username', None)
password = data['password'] # request.json.get('password', None)
if username is None or password is None:
return jsonify({"msg": "You must supply username and password"}), 401
u = User.query.filter_by(username=username).first()
if u:
return jsonify({"msg": "A user with the name " + username + " already exists"}), 401
u = User(username=username, password=password)
db.session.add(u)
db.session.commit()
# Identity can be any data that is json serializable
ret = {'access_token': create_access_token(identity=username)}
return jsonify(ret), 200
def post(self):
"""Authenticates and generates a token"""
schema = TokenSchema()
data, errors = schema.load(current_app.api.payload)
if errors:
return errors, 400
try:
user = User.get(email=data.email)
except User.DoesNotExist:
abort(403, 'No such user, or wrong password')
if not user or not user.active:
abort(403, 'No such user, or wrong password')
if not verify_password(data.password, user.password):
abort(403, 'No such user, or wrong password')
access_token = create_access_token(identity=user.email)
refresh_token = create_refresh_token(identity=user.email)
access_expire = current_app.config['JWT_ACCESS_TOKEN_EXPIRES']
refresh_expire = current_app.config['JWT_REFRESH_TOKEN_EXPIRES']
resp = jsonify(
{
'access': access_token,
'refresh': refresh_token,
'accessExpire': int(access_expire.total_seconds()),
'refreshExpire': int(refresh_expire.total_seconds()),
}
)
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
refresh_path = current_app.config['JWT_REFRESH_COOKIE_PATH']
refresh_secure = current_app.config['JWT_COOKIE_SECURE']
refresh_expire_date = datetime.now() + refresh_expire
resp.set_cookie(
'refresh_expire',
value=str(refresh_expire_date),
expires=refresh_expire_date,
path=refresh_path,
httponly=True,
secure=refresh_secure,
)
return resp
def authorize():
token_resp = oauth.openstreetmap.authorize_access_token()
token = token_resp["oauth_token"]
token_secret = token_resp["oauth_token_secret"]
resp = oauth.openstreetmap.get("user/details")
if resp.status_code != 200:
# Bad request of some kind - report failure
# FIXME: Use proper status code
return jsonify(msg="Bad Oauth Request"), 400
xml = resp.text
etree = ET.fromstring(xml)
user = etree.findall("user")[0]
osm_uid = user.attrib["id"]
display_name = user.attrib["display_name"]
osm_token_row = OpenStreetMapToken.save(
osm_uid=osm_uid,
display_name=display_name,
oauth_token=token,
oauth_token_secret=token_secret
)
identity=osm_token_row.user_id
# FIXME: identity should be a hash, not user ID.
# FIXME: User ID should also be a hash - though not the same as identity.
access_token = create_access_token(identity)
refresh_token = create_refresh_token(identity)
# TODO: create a whitelist of callback URIs, allow callback URI to be issued at
# /login endpoint. Should also create an API key that is associated with a given
# callback URI - new clients are registered by creating a new pair of:
# - API Key
# - (short) list of allowed callback URIs
consumer_callback_uri = current_app.config.get("CONSUMER_CALLBACK_URI")
url = "{}?access_token={}&refresh_token={}".format(consumer_callback_uri, access_token, refresh_token)
return redirect(url)
def login():
data = jsonify({'Authorized' : completion})
resp = get_response(data)
if request.method == 'POST':
json = request.json
username = json.get("email")
password = json.get("password")
global completion
completion = auth.authenticate(username, password)
if completion == False:
data = jsonify({'Authorized' : completion, "msg": "Bad username or password"})
return get_response(data), 401
data = jsonify({
'Authorized' : completion,
'access_token' : create_access_token(identity=username),
'refresh_token' : create_refresh_token(identity=username)
})
return get_response(data), 200
return resp
def post(cls):
current_user = get_jwt_identity()
new_token = create_access_token(identity=current_user, fresh=False)
return generate_message_json(HttpStatusCode.OK.value, new_token,
"access_token")
def refresh_access_token():
return jsonify(
{'access_token':
create_access_token(identity=get_jwt_identity())}), 200
def post(self):
current_user = get_jwt_identity()
token = create_access_token(identity=current_user, fresh=False)
return {'token': token}, HTTPStatus.OK
def refresh_token():
current_user = get_jwt_identity()
return jsonify(
SessionResponse(
None, create_access_token(identity=current_user),
create_refresh_token(identity=current_user)).to_dict()), 200
def get_access_token(grantType, identifier):
identity = {'grantType': grantType, 'identifier': identifier}
token = create_access_token(identity=identity)
return {'accessToken': token}
def post(self):
"""Refresh token for user to maintain user identity"""
current_user = get_jwt_identity()
ret = {'access_token': create_access_token(identity=current_user)}
return ret
def post(self):
current_user = get_jwt_identity()
access_token = create_access_token(identity=current_user)
return {'access_token': access_token}
def login():
'''
This router function attempts to fulfill a login request. During its
attempt, it returns a json string, with two values:
- username, user attempting to login
- integer, codified indicator of login attempt:
- 0, successful login
- 1, username does not exist
- 2, username does not have a password
- 3, supplied password does not match stored password
- 4, generic login failure:
- https://www.owasp.org/index.php/Authentication_Cheat_Sheet
Note: token authentication is stateless, since it doesn't require anything
to be queried from the server, to verify the user. The token is setup,
in such a way, where it is known, if the token is valid or not, and if
the token has been tampered with.
Note: more information on basic flask-jwt token authentication:
http://flask-jwt-extended.readthedocs.io/en/latest/basic_usage.html
'''
if request.method == 'POST':
account = Account()
# programmatic-interface: implement flask-jwt token
if request.get_json():
results = request.get_json()
username = results['user[login]']
password = results['user[password]']
# validate: check username exists
if (
account.check_username(username)['result'] and
account.get_uid(username)['result']
):
# database query: get hashed password, and userid
hashed_password = account.get_password(username)['result']
uid = account.get_uid(username)['result']
# notification: verify hashed password exists
if hashed_password:
# notification: verify password
if verify_pass(str(password), hashed_password):
# create and serialize uid token
access_token = create_access_token(identity=uid)
# return status
return json.dumps({'status': 0, 'access_token': access_token})
# notification: incorrect password
else:
return json.dumps({'status': 4})
# notification: user does not have a password
else:
return json.dumps({'status': 4})
# notification: username does not exist
else:
return json.dumps({'status': 4})
def __init__(self, username, password):
self.jwt = None
if username and password:
user = Users.objects(username=username, password=password)
if user:
self.jwt = create_access_token(identity=password)
def refresh():
user_id = flask_jwt_extended.get_jwt_identity()
access_token = flask_jwt_extended.create_access_token(identity=user_id)
return flask.json.jsonify(access_token=access_token), 200
def post(self):
current_user_id = get_jwt_identity() # Gets Identity from JWT
new_token = create_access_token(identity=current_user_id, fresh=False)
return {
"access_token": new_token,
}, 200
def refresh():
current_user = get_jwt_identity()
ret = {'access_token': create_access_token(identity=current_user)}
return jsonify(ret), 200
def post(self):
current_user = get_jwt_identity()
new_token = create_access_token(identity=current_user, fresh=False)
return {'access_token': new_token}, 200
def refresh():
current_user = get_jwt_identity()
return rest('success',
{"access_token": create_access_token(identity=current_user)})
def refresh():
user = User.query.get(get_jwt_identity())
if not user:
return error_response(401, "Unknown user.")
access_token = create_access_token(identity=user.id)
return jsonify(access_token=access_token)
def post(self):
# retrive the user's identity from the refresh token using a Flask-JWT-Extended built-in method
current_user = get_jwt_identity()
# return a non-fresh token for the user
new_token = create_access_token(identity=current_user, fresh=False)
return {'access_token': new_token}, 200
def create_token(id_user):
expires = datetime.timedelta(days=1)
return create_access_token(identity=id_user, expires_delta=expires)
def post(self):
current_user = get_jwt_identity()
claims = get_jwt_claims()
token = create_access_token(identity=current_user, user_claims=claims)
return {'token': token}, 200
def post(self):
current_user = get_jwt_identity()
new_access_token = create_access_token(identity=current_user)
return {'message': 'Refreshed token', 'access_token': new_access_token}
def register():
#if not request.is_form:
# return jsonify({"msg": "Missing Form request"}), 400
nombre = request.form.get('nombre', '')
apellido = request.form.get('apellido', '')
rut = request.form.get('rut', '')
email = request.form.get('email', None)
pais = request.form.get('pais', '')
ciudad = request.form.get('ciudad', '')
sexo = request.form.get('sexo', '')
password = request.form.get('password', None)
#avatar = request.json.get('avatar', '')
#VALIDACIONES OBLIGATORIAS
if not nombre or nombre == '':
return jsonify({"msg": "Missing nombre"}), 400
if not apellido or apellido == '':
return jsonify({"msg": "Missing apellido"}), 400
if not rut or rut == '':
return jsonify({"msg": "Missing rut"}), 400
if not email or email == '':
return jsonify({"msg": "Missing email"}), 400
if not pais or pais == '':
return jsonify({"msg": "Missing País"}), 400
if not ciudad or ciudad == '':
return jsonify({"msg": "Missing Ciudad"}), 400
if not password or password == '':
return jsonify({"msg": "Missing password."}), 400
user = User.query.filter_by(email=email).first()
if user:
return jsonify({"msg": "email already exist"}), 400
userrut = User.query.filter_by(rut=rut).first()
if userrut:
return jsonify({"msg": "rut already exist"}), 400
file = request.files['avatar']
if file and file.filename != '' and allowed_file(
file.filename, ALLOWED_EXTENSIONS_IMAGES
): #si existe el archivo y esta dentro de las extensiones permitidas
filename = secure_filename(file.filename)
file.save(
os.path.join(
os.path.join(app.config['UPLOAD_FOLDER'], 'images/avatars'),
filename))
else:
return jsonify({
"msg":
"Archivo no permitido, debe ser de extensión png, jpg, jpeg, gif o svg"
}), 400
user = User() # se crea una instancia de la clase User
#asignando valores a los campos corresp.
user.nombre = nombre
user.apellido = apellido
user.rut = rut
user.email = email
user.pais = pais
user.ciudad = ciudad
user.sexo = sexo
user.password = bcrypt.generate_password_hash(password)
if file:
user.avatar = filename
db.session.add(user) #se agrega todo lo anterior y se hace commit
db.session.commit()
access_token = create_access_token(identity=user.email)
data = {"access_token": access_token, "user": user.serialize()}
return jsonify(data), 201
def login():
if not (('uid' in session) and ('type' in session)):
fields = ['name', 'hno', 'sector', 'register']
dic = {}
data = request.get_json()
types = data.get('type')
print(types)
if data.get('type') == 'Shop Owner':
collection = database.Shops
else:
collection = database.Costumers
results = collection.find({
'email': data.get('email'),
'password': data.get('password')
})
if results.count() == 1:
products = []
orders = []
#session['uid']=results[0]['_id']
session['type'] = types
if types == 'Shop Owner':
session['shopcode'] = results[0]['code']
dic['shope'] = results[0]['sname']
obj = database.Products.find({'scode': results[0]['code']})
orj = database.Orders.find({'scode': results[0]['code']})
for objs in obj:
objs['_id'] = ''
products.append(objs)
for orjs in orj:
orjs['_id'] = ''
orders.append(orjs)
dic['products'] = products
dic['orders'] = orders
else:
orj = database.Orders.find({'ofname': data.get('email')})
obj = database.Products.find({})
for objs in obj:
objs['_id'] = ''
products.append(objs)
for orjs in orj:
orjs['_id'] = ''
orders.append(orjs)
dic['products'] = products
dic['orders'] = orders
for field in fields:
dic[field] = results[0][field]
access_token = create_access_token(identity={
'data': dic,
'types': types
})
return access_token
#return render_template('index.html',data=dic,types=types)
else:
flash('check username and password')
return jsonify({'error': 'Incorrect username and password'})
else:
return jsonify({'error': 'Incorrect'})
def generate_access_token_for_user(username: str, is_admin: bool):
"""Generate JWT token for user"""
return create_access_token(identity={
'username:'******'is_admin': is_admin
})
def token_refresh():
user_id = get_jwt_identity()
access_token = create_access_token(identity=user_id)
data = {'access_token': access_token}
return generate_success_response(data)
def test_image_get(client, access_token, sessions, lng, test_word,
test_word_01, test_word_02):
'''All possibilities are tested here.'''
image_id = '01_vblock_pix_001'
view_id = 'testing'
path_name = (f'./application/images/static/images/for_{view_id}/'
f'{image_id}.jpg')
if not os.path.exists(path_name):
if not os.path.exists(os.path.dirname(path_name)):
os.mkdir(os.path.dirname(path_name))
pix = open(path_name, 'w')
pix.close()
_uuid = uuid4()
sessions.setter(str(_uuid))
_tech_token = create_access_token(_uuid, expires_delta=False)
'''success'''
_headers = {
'Authorization': f'Bearer {_tech_token}',
'Content-Type': 'application/json',
'Accept-Language': lng
}
_params = {'view_id': view_id, 'identity': image_id}
resp = client.get(url_for('images_bp.imageshandling', **_params),
headers=_headers)
assert resp.status_code == 200
'''illigal chracters'''
_params = {'view_id': '_illigal_view_id', 'identity': image_id}
resp = client.get(url_for('images_bp.imageshandling', **_params),
headers=_headers)
assert resp.status_code == 400
assert resp.json.get('message').find(test_word) != -1
_params = {'view_id': view_id, 'identity': '_illigal_image_id'}
resp = client.get(url_for('images_bp.imageshandling', **_params),
headers=_headers)
assert resp.status_code == 400
assert resp.json.get('message').find(test_word) != -1
'''not found'''
_params = {'view_id': 'wrong_view_id', 'identity': image_id}
resp = client.get(url_for('images_bp.imageshandling', **_params),
headers=_headers)
assert resp.status_code == 404
assert resp.json.get('message').find(test_word_01) != -1
_params = {'view_id': view_id, 'identity': 'wrong_image_id'}
resp = client.get(url_for('images_bp.imageshandling', **_params),
headers=_headers)
assert resp.status_code == 404
assert resp.json.get('message').find(test_word_01) != -1
'''no token'''
_params = {'view_id': view_id, 'identity': image_id}
_headers.pop('Authorization')
resp = client.get(url_for('images_bp.imageshandling', **_params),
headers=_headers)
assert resp.status_code == 401
assert resp.json.get('description').find(test_word_02) != -1
# print('\ntest_images_get, resp ->', resp.status_code)
# print('test_images_get, resp ->', resp.json)
if os.path.exists(path_name):
os.remove(path_name)
def post(self):
current_user = get_jwt_identity()
new_token = create_access_token(identity=current_user, fresh=False)
return {'access_token': new_token}, 200
def get_token(user, password):
if compare(user.get('password'), password):
return {'access_token': create_access_token(user.get('id'))}, 200
else:
return {'error': 'wrong data'}, 401
def post(cls):
merchant_id = get_jwt_identity()
new_access_token = create_access_token(
identity=merchant_id, fresh=True) # creating new fresh token
return {"access_token": new_access_token}, 200
def provide_token(user):
return create_access_token(identity=user), create_refresh_token(
identity=user)
def get_refresh_token():
current_user = get_jwt_identity()
access_token = create_access_token(identity=current_user)
return jsonify({'access_token': access_token})
def post(self):
current_user = get_jwt_identity()
# fresh=True, means that all tokens would be fresh.
new_token = create_access_token(identity=current_user, fresh=False)
return {"access_token": new_token}, 200
def refresh_access_token():
current_user = get_jwt_identity()
return {
'access_token': create_access_token(identity=current_user),
'expires': app.config['JWT_ACCESS_TOKEN_EXPIRES']
}
def confirm_email(token):
'''This route takes in a token from the confirmation email
link to authenticate the user. It returns the user json object
as well as access and refresh token cookies and csrf headers
Arg {string} token
Returns {Object<json>} 200
success: {string}
user: {Object<json>}
'''
# Try to decode the jwt token
token = token.encode("utf-8")
try:
data = jwt.decode(token,
app.config.get('SECRET_KEY'),
algorithm='HS256')
# If the token is expired, return error
except jwt.ExpiredSignatureError:
# Signature has expired
return jsonify({'error':
'Reset token is expired. Please try again.'}), 400
# Get the user's id from the token
public_id = data['public_id']
# Try to get the user from the database
query = User.query.filter_by(public_id=public_id)
try:
user = query.one()
# If no user found, return error
except NoResultFound:
return jsonify(
{'error': ('Could not identify the user. '
' Please try again.')}),
404,
{'WWW-Authentication': 'Basic realm="Login required!"'}
# If some other sqlalchemy error is thrown, return error
except SQLAlchemyError:
return jsonify({'error': 'Some problem occurred!'}), 400
# Add a confirmation date to user and make status active
user.confirmed_at = datetime.utcnow()
user.is_active = True
# Try to add updated user to database
try:
db.session.commit()
# If username already in database, return error
except IntegrityError:
return jsonify({'error':
'Could not confirm user. Please try again.'}), 400
# If some other sqlalchemy error is thrown, return error
except SQLAlchemyError:
return jsonify({'error': 'Some problem occurred!'}), 400
# Serialize the user
user_schema = UserSchema()
output = user_schema.dump(user).data
# Create the tokens to be sent to the user
expires = timedelta(seconds=1800)
access_token = create_access_token(identity=user.public_id,
expires_delta=expires)
refresh_token = create_refresh_token(identity=user.public_id)
# Get the new csrf tokens to be sent as headers
csrf_access_token = get_csrf_token(access_token)
csrf_refresh_token = get_csrf_token(refresh_token)
# Create json response
response = make_response(
jsonify({
'user': output,
'success': 'Login successful!'
}), 200)
# Set access and refresh cookies and headers and return response
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
response.set_cookie('public_id', user.public_id)
response.headers['access'] = csrf_access_token
response.headers['refresh'] = csrf_refresh_token
return response
