Example #1
0
    def _get_tokens(self):
        with self.app.app_context():
            self.admin_access_token = 'JWT {}'.format(
                AccessTokenModelV2.create_access_token(self.admin, 'TEST'))
            self.admin_refresh_token = 'JWT {}'.format(
                RefreshTokenModelV2.create_refresh_token(self.admin, 'TEST'))

            self.student_access_token = 'JWT {}'.format(
                AccessTokenModelV2.create_access_token(self.student, 'TEST'))
            self.student_refresh_token = 'JWT {}'.format(
                RefreshTokenModelV2.create_refresh_token(self.student, 'TEST'))
Example #2
0
    def post(self):
        """
        관리자 로그인
        """
        id = request.form['id']
        pw = request.form['pw']

        pw = hexlify(pbkdf2_hmac(
            hash_name='sha256',
            password=pw.encode(),
            salt=current_app.secret_key.encode(),
            iterations=100000
        )).decode('utf-8')
        # pbkdf2_hmac hash with salt(secret key) and 100000 iteration

        admin = AdminModel.objects(id=id, pw=pw).first()

        if not admin:
            abort(401)

        # --- Auth success
        user_agent = request.headers.get('USER-AGENT', 'Windows Application') or 'Windows Application'

        return self.unicode_safe_json_response({
            'access_token': AccessTokenModelV2.create_access_token(admin, user_agent),
            'refresh_token': RefreshTokenModelV2.create_refresh_token(admin, user_agent)
        }, 200)
Example #3
0
    def post(self):
        """
        학생 로그인
        """
        id = request.form['id']
        pw = request.form['pw']

        pw = hexlify(
            pbkdf2_hmac(hash_name='sha256',
                        password=pw.encode(),
                        salt=current_app.secret_key.encode(),
                        iterations=100000)).decode('utf-8')

        # pbkdf2_hmac hash with salt(secret key) and 100000 iteration

        student = StudentModel.objects(id=id, pw=pw).first()

        if not student:
            abort(401)

        # --- Auth success

        return self.unicode_safe_json_response(
            {
                'access_token':
                AccessTokenModelV2.create_access_token(
                    student, request.headers['USER-AGENT']),
                'refresh_token':
                RefreshTokenModelV2.create_refresh_token(
                    student, request.headers['USER-AGENT'])
            }, 200)
Example #4
0
    def wrapper(*args, **kwargs):
        token = AccessTokenModelV2.objects(
            identity=UUID(get_jwt_identity())).first()

        if token:
            g.user = token.key.owner
        else:
            abort(403)

        return fn(*args, **kwargs)
Example #5
0
 def get(self):
     """
     로그인 여부 체크
     """
     try:
         return Response(
             '', 200 if AccessTokenModelV2.objects(
                 identity=UUID(get_jwt_identity())) else 204)
     except ValueError:
         abort(422)
Example #6
0
    def get(self):
        try:
            token = RefreshTokenModelV2.objects(identity=UUID(get_jwt_identity())).first()

            if not token:
                abort(401)

            return {
                'accessToken': AccessTokenModelV2.create_access_token(token.key.owner, request.headers['USER-AGENT'])
            }
        except ValueError:
            abort(422)
Example #7
0
        def wrapper(*args, **kwargs):
            try:
                token= AccessTokenModelV2.objects(identity=UUID(get_jwt_identity())).first()

                if token and isinstance(token.key.owner, model):
                    g.user = token.key.owner
                else:
                    abort(403)

                return fn(*args, **kwargs)
            except ValueError:
                abort(422)
Example #8
0
    def post(self):
        """
        학생 로그인 
        """
        payload = request.json

        student = StudentModel.objects(id=payload['id'], pw=self.encrypt_password(payload['password'])).first()

        return ({
            'accessToken': AccessTokenModelV2.create_access_token(student, request.headers['USER-AGENT']),
            'refreshToken': RefreshTokenModelV2.create_refresh_token(student, request.headers['USER-AGENT'])
        }, 201) if student else Response('', 401)
Example #9
0
    def post(self):
        """
        관리자 로그인
        """
        payload = request.json

        admin = AdminModel.objects(id=payload['id'], pw=self.encrypt_password(payload['password'])).first()

        user_agent = request.headers.get('USER-AGENT', 'Windows Application') or 'Windows Application'

        return ({
            'accessToken': AccessTokenModelV2.create_access_token(admin, user_agent),
            'refreshToken': RefreshTokenModelV2.create_refresh_token(admin, user_agent)
        }, 201) if admin else Response('', 401)
Example #10
0
    def post(self):
        """
        새로운 Access Token 획득
        """
        token = RefreshTokenModelV2.objects(identity=UUID(get_jwt_identity())).first()

        if not token:
            abort(205)

        user_agent = request.headers.get('USER-AGENT', 'Windows Application') or 'Windows Application'

        return self.unicode_safe_json_response({
            'access_token': AccessTokenModelV2.create_access_token(token.key.owner, user_agent)
        }, 200)
Example #11
0
    def post(self):
        """
        새로운 Access Token 획득
        """
        try:
            token = RefreshTokenModelV2.objects(
                identity=UUID(get_jwt_identity())).first()

            if not token:
                # Invalid token or the token issuing password is different from the current password
                # Returns status code 205 : Reset Content
                return Response('', 205)

            return self.unicode_safe_json_response(
                {
                    'access_token':
                    AccessTokenModelV2.create_access_token(
                        token.key.owner, request.headers['USER-AGENT'])
                }, 200)
        except ValueError:
            abort(422)