def save_token(token): blacklist_token = BlacklistToken(token=token) try: #insert the token db.session.add(blacklist_token) db.session.commit() response_object = { 'status': 'success', 'message': 'Successfully logged out.' } return response_object, 200 except Exception as e: response_object = {'status': 'fail', 'message': e} return response_object, 200
def save_token(token): blacklist_token = BlacklistToken(token=token) try: db.session.add(blacklist_token) db.session.commit() response_object = { "status": "success", "message": "Successfully logged out" } return response_object, 200 except Exception as e: response_object = {"status": "fail", "message": e} return response_object, 200
def save_token(token): blacklist_token = BlacklistToken(token=token) try: db.session.add(blacklist_token) db.session.commit() return { 'status': 'success', 'msg': 'Successfully logged out' } except Exception as e: return { 'status': 'fail', 'msg': e }, 400
def decode_auth_token(auth_token): try: a = key payload = jwt.decode(auth_token, key, algorithms=['HS256']) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Token blacklisted. Please log in again' else: return payload['sub'] except jwt.ExpiredSignatureError: return {"message": "'Signature expired. Please log in again'"} except jwt.InvalidTokenError: return {"message": "Invalid token. Please log in again"}
def decode_auth_token(auth_token): '''Decodes the auth token :param auth_token: return: integer|string''' try: payload = jwt.decode(auth_token, key) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Token blacklisted. Please log in again.' else: return payload['sub'] except jwt.ExpiredSignatureError: return 'Signature expired. Please log in again.' except jwt.InvalidTokenError: return 'Invalid token. Please log in again.'
def save_token(token): blacklist_token = BlacklistToken(token=token) try: db.session.add(blacklist_token) db.session.commit() response_object = { 'status': True, 'message': 'Successfully logged out!' } return response_object, 200 except Exception as e: response_object = {'status': False, 'message': e} return response_object, 200
def save_token(token: str) -> Tuple[Dict[str, str], int]: blacklist_token = BlacklistToken(token=token) try: # insert the token db.session.add(blacklist_token) db.session.commit() response_object = { "status": "success", "message": "Successfully logged out." } return response_object, 200 except Exception as e: response_object = {"status": "fail", "message": e} return response_object, 200
def decode_auth_token(auth_token): try: print(auth_token) payload = jwt.decode(auth_token, key, algorithm='HS256') print("payload : ", payload) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Token blacklisted. Please log in again.' else: return payload['sub'] except jwt.ExpiredSignatureError: return 'Signature expired. Please log in again.' except jwt.InvalidTokenError: return 'Invalid token. Please log in again.'
def decode_auth_token(auth_token): #Decodes the auth token #:param authtoken: #:return: int|str try: payload = jwt.decode(auth_token, key) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return "Token blacklisted. Please log in again." else: return payload['sub'] except jwt.ExpiredSignatureError: return "Signature expired. Please log in again." except jwt.InvalidTokenError: return "Invalid token. Please log in again."
def decode_auth_token(auth_token): """ Decodes the auth token :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, "utf-8") is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return "Token blacklisted. Please log in again." else: return payload["sub"] except jwt.ExpiredSignatureError: return "Signature expired. Please log in again." except jwt.InvalidTokenError: return "Invalid token. Please log in again."
def decode_auth_token(auth_token): """ Decodes the auth token :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, algorithms='HS256') is_blacklisted_token = BlacklistToken.is_blacklisted(auth_token) if is_blacklisted_token: return 'Token blacklisted. Please log in again.' else: return payload['sub'] except jwt.ExpiredSignatureError: return 'Signature expired. Please log in again.' except jwt.InvalidTokenError: return 'Invalid token. Please log in again.'
def decode_auth_token(auth_token: str) -> Union[str, int]: """ Decodes the auth token :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, algorithms=["HS256"]) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return "Token blacklisted. Please log in again." else: return payload["sub"], payload["scope"] except jwt.ExpiredSignatureError: return "Signature expired. Please log in again." except jwt.InvalidTokenError: return "Invalid token. Please log in again."
def save_token(token: str) -> Tuple[Dict[str, str], int]: blacklist_token = BlacklistToken(token=token) try: # insert the token db.session.add(blacklist_token) db.session.commit() response_object = { 'status': 'Sucesso', 'message': 'Usuário deslogado com sucesso.' } return response_object, 200 except Exception as e: response_object = { 'status': 'Falha', 'message': e } return response_object, 200
def decode_auth_token(auth_token): """ Decodes the auth token :param auth_token: token to be decoded :return: string response """ try: payload = jwt.decode(auth_token, key) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Token blacklisted. Please login again' else: return payload['sub'] except jwt.ExpiredSignatureError: return 'Signature expired' except jwt.InvalidTokenError: return 'Invalid token'
def decode_auth_token(auth_token: str) -> Union[str, int]: """ Decodes the auth token :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, algorithms='HS256') is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Conta deslogada. Por favor realizar o login novamente.' else: return payload['uid'] except jwt.ExpiredSignatureError: return 'Senha expirada. Por favor realizar o login novamente.' except jwt.InvalidTokenError: return 'Senha inválida. Por favor realizar o login novamente.'
def save_token(token): blacklist_token=BlacklistToken(token) try: db.session.add(blacklist_token) db.session.commit() response_obj={ 'status':'success', 'message':'Successfuly logged out' } return make_response(response_obj,status.HTTP_200_OK) except Exception as e: response_obj={'status':'fail', 'message':e} return make_response(response_obj,status.HTTP_200_OK)
def decode_auth_token(auth_token): """ Decodes the auth token :param auth_token: :return: integer|string """ logger.info(f"Decode Auth Token: {auth_token}") is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) logger.info(f"is_blacklisted: {is_blacklisted_token}") if is_blacklisted_token: return {'error': 'Token blacklisted. Please log in again.'} else: try: payload = jwt.decode(auth_token, key, algorithms='HS256') return payload['sub'] except jwt.ExpiredSignatureError: return {'error': 'Signature expired. Please log in again.'} except jwt.InvalidTokenError: return {'error': 'Invalid token. Please log in again.'}
def decode_auth_token(auth_token): """ Decode Auth Token :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, algorithms=[JWT_ALGORITHM]) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Token is expired. Please log in again.' return payload['sub'] except jwt.ExpiredSignature: return 'Signature expired. Please log in again' except jwt.InvalidTokenError: return 'Invalid token. Please login again'
def decode_auth_token(auth_token): """ 인증토큰 검증 :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, algorithms='HS256', verify=True) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return '인증 토큰, 재로그인 필요' else: return payload['sub'] except jwt.ExpiredSignatureError: return '인증만료, 재로그인 필요' except jwt.InvalidTokenError: return '유효하지 않은 인증, 재로그인 필요'
def decode_auth_token(auth_token): """ Decodes the auth token :param auth_token: :return: integer|string """ try: from app.main.service.auth_helper import Auth auth_token = (auth_token, Auth.remove_token_prefix(auth_token) )[Auth.token_has_prefix(auth_token)] payload = jwt.decode(auth_token, key) is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Token blacklisted. Please log in again.' else: return payload['sub'] except jwt.ExpiredSignatureError: return 'Signature expired. Please log in again.' except jwt.InvalidTokenError: return 'Invalid token. Please log in again.'
def decode_auth_token(auth_token: str) -> Union[str, int]: """ Decodes the auth token :param auth_token: :return: integer|string """ try: payload = jwt.decode(auth_token, key, algorithms='HS256') user = Usuario.query.filter_by(id=payload['uid']).first() is_blacklisted_token = BlacklistToken.check_blacklist(auth_token) if is_blacklisted_token: return 'Conta deslogada. Por favor realizar o login novamente.' elif user.ativo != True: return 'Conta invativa. Por favor entrar em contato com o administrador.' else: return payload['uid'] except jwt.ExpiredSignatureError: return 'Token expirado. Por favor realizar o login novamente.' except jwt.InvalidTokenError: return 'Token inválido. Por favor realizar o login novamente.'
def test_valid_blacklisted_token_logout(self): """ Test for logout after a valid token gets blacklisted """ with self.client: # usuario registration resp_register = register_user(self) data_register = json.loads(resp_register.data.decode()) self.assertTrue(data_register['status'] == 'success') self.assertTrue( data_register['message'] == 'Successfully registered.') self.assertTrue(data_register['Authorization']) self.assertTrue(resp_register.content_type == 'application/json') self.assertEqual(resp_register.status_code, 201) # usuario login resp_login = login_user(self) data_login = json.loads(resp_login.data.decode()) self.assertTrue(data_login['status'] == 'success') self.assertTrue(data_login['message'] == 'Successfully logged in.') self.assertTrue(data_login['Authorization']) self.assertTrue(resp_login.content_type == 'application/json') self.assertEqual(resp_login.status_code, 200) # blacklist a valid token blacklist_token = BlacklistToken( token=json.loads(resp_login.data.decode())['Authorization']) db.session.add(blacklist_token) db.session.commit() # blacklisted valid token logout response = self.client.post( '/auth/logout', headers=dict( Authorization='Bearer ' + json.loads( resp_login.data.decode() )['Authorization'] ) ) data = json.loads(response.data.decode()) self.assertTrue(data['status'] == 'fail') self.assertTrue(data['message'] == 'Token blacklisted. Please log in again.') self.assertEqual(response.status_code, 401)
def test_valid_blacklisted_token_logout(self): """ Test for logout after a valid token gets blacklisted """ with self.client: # user registration resp_register = register_user(self) data_register = json.loads(resp_register.data.decode()) self.assertTrue(data_register["status"] == "success") self.assertTrue( data_register["message"] == "Successfully registered.") self.assertTrue(data_register["Authorization"]) self.assertTrue(resp_register.content_type == "application/json") self.assertEqual(resp_register.status_code, 201) # user login resp_login = login_user(self) data_login = json.loads(resp_login.data.decode()) self.assertTrue(data_login["status"] == "success") self.assertTrue(data_login["message"] == "Successfully logged in.") self.assertTrue(data_login["Authorization"]) self.assertTrue(resp_login.content_type == "application/json") self.assertEqual(resp_login.status_code, 200) # blacklist a valid token blacklist_token = BlacklistToken( token=json.loads(resp_login.data.decode())["Authorization"]) db.session.add(blacklist_token) db.session.commit() # blacklisted valid token logout response = self.client.post( "/auth/logout", headers=dict( Authorization="Bearer " + json.loads(resp_login.data.decode())["Authorization"]), ) data = json.loads(response.data.decode()) self.assertTrue(data["status"] == "fail") self.assertTrue( data["message"] == "Token blacklisted. Please log in again.") self.assertEqual(response.status_code, 401)
def test_blacklist_repr(self): new_token = BlacklistToken(token='test token') self.assertEqual(repr(new_token), "<id: token: {}>".format(new_token.token))
def check_if_token_in_blacklist(decrypted_token): return ( BlacklistToken.check_blacklist(decrypted_token["jti"]) ) # Here we blacklist particular JWTs that have been created in the past.