Example #1
0
def get_jwt_payload(config, socket_data=None):
    # Get token from request
    payload = {}
    auth_header = config.get('AUTH_HEADER', 'Authorization')
    authorization = None
    if is_socket() and socket_data:
        if 'headers' in socket_data and auth_header in socket_data['headers']:
            authorization = socket_data['headers'][auth_header]
    elif auth_header in request.headers:
        authorization = request.headers[auth_header]
    if not authorization:
        return payload
    # strip prefix
    prefix = config.get('AUTH_PREFIX', 'Bearer')
    token_parts = authorization.split()
    if len(token_parts) != 2 or token_parts[0] != prefix:
        return payload
    authorization = token_parts[1]
    # get payload from token
    secret = config['SECRET_KEY']
    algorithm = config.get('CRYPT_ALGO', 'HS256')
    try:
        options = {'verify_exp': False, 'verify_iat': False}
        payload = jwt.decode(authorization, secret, algorithm=algorithm, options=options)
    except jwt.InvalidTokenError:
        payload = {}
    print(payload)
    return payload
Example #2
0
        def inner(*args, **kwargs):

            def reject():
                if is_socket():
                    return ('unauthorized', {'error': 'Not Authorized!'}, UNAUTHORIZED)
                return ({'error': 'Not Authorized!'}, UNAUTHORIZED)

            config = args[0].app.config
            # get user from payload
            socket_data = None
            if is_socket():
                if len(args) == 2:
                    socket_data = args[1]
            payload = get_jwt_payload(config, socket_data)
            if 'user' not in payload:
                if reject:
                    return reject()
                else:
                    user = None
            else:
                user = deserialize_user(payload['user'])
                if not user and reject:
                    return reject()

            # Inject into function
            if 'current_user' in inspect.getargspec(fn).args:
                kwargs['current_user'] = user
            result = fn(*args, **kwargs)
            # refresh token
            if result and user is not None:
                payload = update_exp(payload, config)
                token = create_token(payload, config)
                header, token_string = header_string(token, config)
                params = list(result) if isinstance(result, tuple) else [result]
                if is_socket():
                    event = params.pop(0)
                message = params.pop(0) if params else None
                status = params.pop(0) if params else OK
                headers = params.pop(0) if params else {}
                headers[header] = token_string
                if is_socket():
                    result = (event, message, status, headers)
                else:
                    result = (message, status, headers)
            return result
Example #3
0
def authorize(controller, user, message='authorized', socket_data=None):
    config = controller.app.config
    # get current token payload if it exists
    payload = get_jwt_payload(config, socket_data)
    # make new token
    payload['user'] = serialize_user(user)
    # payload = update_exp(payload, config)
    token = create_token(payload, config)
    print(payload)
    # get headers
    header, token_string = header_string(token, config)
    headers = {header: token_string}
    message = {'message': message} if not isinstance(message, dict) else message
    if is_socket():
        return ('authorized', message, OK, headers)
    return (message, OK, headers)
Example #4
0
 def reject():
     if is_socket():
         return ('unauthorized', {'error': 'Not Authorized!'}, UNAUTHORIZED)
     return ({'error': 'Not Authorized!'}, UNAUTHORIZED)