    def refresh(refresh_token):
        """Get a one-time access token.

        Resolves the caller from the identity carried in the current JWT
        (``get_jwt_identity``); the ``refresh_token`` argument is not read in
        the lines shown. The listing is cut off right after the user lookup,
        so the token issuance itself is not visible here.
        """
        username = get_jwt_identity()

        # get user info
        # NOTE(review): ``error`` is neither returned nor re-raised here. If it
        # builds a response instead of aborting (``return error(400, err)`` is
        # used elsewhere in this file), execution continues with ``user`` None —
        # confirm ``error`` aborts, or ``return`` its result.
        # A message that names the username condition also lets a caller learn
        # which accounts exist; a generic message is the safer choice.
        if not (user := UserModel.query.filter_by(username=username).first()):
            error(400, "Username is not exists.")
    def login(data):
        """Login to get refresh token.

        Reads ``username`` and ``password`` from ``data`` (missing keys become
        ``None``) and looks the user up by username. The listing is cut off
        after the lookup; the password check and token creation are not shown.
        """
        username = data.get("username")
        password = data.get("password")

        # NOTE(review): ``error`` is not returned here; if it returns a response
        # rather than aborting, the code after this guard runs with ``user`` None.
        # Returning a user-specific message on a login endpoint also reveals which
        # usernames exist; prefer one generic "invalid credentials" message.
        if not (user := UserModel.query.filter_by(username=username).first()):
            error(400, "User is not exists.")
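    def register(data):
        """Register new user.

        Args:
            data: mapping with ``username`` and ``password`` keys; a missing key
                yields ``None``, which is handed to ``UserModel`` unchanged.

        Returns:
            The value produced by ``success``/``error`` (a response tuple,
            judging by ``obj, _ = success(...)`` elsewhere in this file):
            201 on success, 403 when the username is taken, 500 when the
            insert or commit fails.
        """
        import logging

        username = data.get("username")
        password = data.get("password")

        # Check if the username is taken. ``return`` the error result so that,
        # if ``error`` builds a response instead of aborting, we do not fall
        # through and insert a second user anyway.
        if UserModel.query.filter_by(username=username).first() is not None:
            return error(403, "Username is already being used.")

        try:
            # NOTE(review): the model is expected to hash ``password`` itself
            # (``verify_password`` exists on it) — confirm it never stores it as-is.
            new_user: UserModel = UserModel(username=username,
                                            password=password)

            db.session.add(new_user)
            db.session.commit()

            return success(201, "User registration is successful.",
                           login_schema.dump(new_user))
        except Exception:
            # A failed flush/commit leaves the session unusable until it is
            # rolled back, so do that before answering.
            db.session.rollback()
            # Keep the real cause in the server log; the raw exception text can
            # carry schema or driver details, so the client gets a generic
            # message (this also avoids IndexError when ``e.args`` is empty).
            logging.getLogger(__name__).exception("User registration failed")
            return error(500, "User registration failed.")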
    def post(self):
        """User login.

        Reads the JSON request body and validates it against ``login_schema``
        before the login itself (cut off in this listing) is performed.
        """
        data = request.get_json()

        # NOTE(review): depending on the Flask version, ``get_json()`` on a
        # non-JSON body either returns None or aborts with 400/415 — check that
        # ``login_schema.validate`` copes with None before relying on this path.
        if err := login_schema.validate(data):
            return error(400, err)
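class AuthService:
    """Registration and login built on ``UserModel``, JWT cookies and redis."""

    @staticmethod
    def register(data):
        """Register new user.

        Args:
            data: mapping with ``username`` and ``password`` keys; a missing key
                yields ``None``, which is handed to ``UserModel`` unchanged.

        Returns:
            The value produced by ``success``/``error`` (a response tuple,
            judging by the ``obj, _ = success(...)`` usage in ``login``):
            201 on success, 403 when the username is taken, 500 when the
            insert or commit fails.
        """
        import logging

        username = data.get("username")
        password = data.get("password")

        # Check if the username is taken. ``return`` the error result so that,
        # if ``error`` builds a response instead of aborting, we do not fall
        # through and insert a second user anyway.
        if UserModel.query.filter_by(username=username).first() is not None:
            return error(403, "Username is already being used.")

        try:
            # NOTE(review): the model is expected to hash ``password`` itself
            # (``verify_password`` exists on it) — confirm it never stores it as-is.
            new_user: UserModel = UserModel(username=username,
                                            password=password)

            db.session.add(new_user)
            db.session.commit()

            return success(201, "User registration is successful.",
                           login_schema.dump(new_user))
        except Exception:
            # A failed flush/commit leaves the session unusable until it is
            # rolled back, so do that before answering.
            db.session.rollback()
            # Keep the real cause in the server log; the raw exception text can
            # carry schema or driver details, so the client gets a generic
            # message (this also avoids IndexError when ``e.args`` is empty).
            logging.getLogger(__name__).exception("User registration failed")
            return error(500, "User registration failed.")

    @staticmethod
    def login(data):
        """Login to get refresh token.

        Looks the user up by ``username``, checks ``password`` through
        ``UserModel.verify_password``, then issues an access and a refresh JWT,
        records both JTIs in redis and returns the tokens as cookies together
        with their CSRF double-submit values in the JSON body.

        Args:
            data: mapping with ``username`` and ``password`` keys.

        Returns:
            A 201 ``Response`` carrying the JWT cookies, or the ``error`` result
            (400) when the credentials are rejected.
        """
        username = data.get("username")
        password = data.get("password")

        # One generic message for both "no such user" and "wrong password": a
        # distinct message per case lets a caller find out which usernames
        # exist. ``return`` so a non-aborting ``error`` cannot fall through to
        # token creation.
        user = UserModel.query.filter_by(username=username).first()
        if user is None or not user.verify_password(password):
            return error(400, "Invalid username or password.")

        # https://flask-jwt-extended.readthedocs.io/en/stable/blacklist_and_token_revoking/
        # https://github.com/vimalloc/flask-jwt-extended/blob/master/examples/redis_blacklist.py
        # Issue the token pair and register each JTI in redis. Following the
        # linked example, 'false' presumably means "not revoked"; the third
        # argument is the key TTL, expected to match the token lifetime —
        # confirm ACCESS_EXPIRE/REFRESH_EXPIRE are set that way.
        access_token = create_access_token(identity=username)
        refresh_token = create_refresh_token(identity=username)
        access_jti = get_jti(encoded_token=access_token)
        refresh_jti = get_jti(encoded_token=refresh_token)
        redis.set(access_jti, 'false', ACCESS_EXPIRE)
        redis.set(refresh_jti, 'false', REFRESH_EXPIRE)

        # https://flask-jwt-extended.readthedocs.io/en/stable/tokens_in_cookies/
        # The tokens travel as cookies; the CSRF values go in the body so the
        # front end can echo them back in a header on later requests.
        payload = login_schema.dump({
            'user': user,
            'access_csrf': get_csrf_token(access_token),
            'refresh_csrf': get_csrf_token(refresh_token),
        })
        obj, _ = success(201, "User login success.", payload)
        response: Response = jsonify(obj)
        set_access_cookies(response, access_token)
        set_refresh_cookies(response, refresh_token)

        # ``jsonify`` defaults to 200; the status from ``success`` is not reused,
        # so set 201 explicitly as the original did.
        response.status_code = 201
        return response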