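def post(self):
    """Authenticate a user from the JSON body and return a fresh access token.

    Expects ``username`` and ``password`` keys in the request JSON. On
    success the new access token is recorded via ``add_token_to_database``
    and returned as ``{'token': <jwt>}``. Every failure path returns the same
    generic string, so the response does not reveal whether the username
    exists.

    NOTE(review): the failure value is a bare string with no explicit status
    code, so it is presumably sent with the framework's default success
    status. Consider returning 401 so clients and monitoring can tell
    failures apart; confirm against existing callers first.
    """
    import logging

    failure = "Invalid username/password supplied"
    try:
        credentials = request.json
        user = User.query.filter_by(username=credentials['username']).first()
        if not (user and user.check_password(credentials['password'])):
            return failure

        access_token = create_access_token(identity=user.id)
        # Record the token in the store with a status of not currently revoked.
        add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM'])
        return jsonify({'token': access_token})
    except (KeyError, TypeError):
        # Missing field or a body that is not a JSON object: treat it like
        # any other failed login, without logging attacker-controlled noise.
        return failure
    except Exception:
        # Previously a bare ``except:`` which also trapped SystemExit and
        # KeyboardInterrupt and hid database / token-store faults entirely.
        # The caller still gets the generic message, but the fault is logged.
        # logging.exception records the traceback, not the submitted password.
        logging.getLogger(__name__).exception(
            "Login failed with an unexpected error")
        return failure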
def login():
    """Issue an access/refresh token pair for the fixed ``test`` account.

    Reads ``username`` and ``password`` from the JSON request body. Anything
    other than the pair ``test``/``test`` is answered with a generic message
    and status 401. On success both tokens are created, recorded through
    ``add_token_to_database`` and returned with status 201.

    NOTE(review): the accepted credentials are hard-coded literals, which
    looks like sample code. A deployed endpoint needs a real user store with
    hashed passwords instead of this comparison.
    """
    body = request.json
    username = body.get('username', None)
    password = body.get('password', None)

    credentials_ok = username == 'test' and password == 'test'
    if not credentials_ok:
        return jsonify({"msg": "Bad username or password"}), 401

    # Mint both JWTs first, then persist them in the same order.
    access_token = create_access_token(identity=username)
    refresh_token = create_refresh_token(identity=username)

    # Each token is stored with a status of not currently revoked, so that it
    # can be revoked later.
    identity_claim_access = app.config['JWT_IDENTITY_CLAIM']
    add_token_to_database(access_token, identity_claim_access)
    add_token_to_database(refresh_token, app.config['JWT_IDENTITY_CLAIM'])

    return jsonify({
        'access_token': access_token,
        'refresh_token': refresh_token,
    }), 201
def login():
    """Check a username/password pair and, if approved, issue a 12-hour token.

    The JSON body must carry ``username`` and ``password``. The account has
    to pass the password check and carry both approval flags
    (``isAuthenticatedIntegrator`` then ``isAuthenticatedAdmin``) before a
    token is created and recorded via ``add_token_to_database``. Every
    outcome is returned through ``jsonify`` as a dict with ``success`` and
    ``error`` keys; the success case adds ``access_token`` and
    ``integrator_token``.

    NOTE(review): "Incorrect username" and "Incorrect password" are distinct
    replies, so a caller can learn which usernames exist. Consider one
    generic message and a 401 status for both; confirm client expectations
    before changing the wire format.
    """
    payload = request.get_json()
    username = payload['username']
    password = payload['password']

    user = Users.query.filter_by(username=username).first()
    if not user:
        return jsonify({'success': False, 'error': "Incorrect username"})

    if not user.check_password(password):
        return jsonify({'success': False, 'error': "Incorrect password"})

    # Approval gates are checked in this order: integrator first, then admin.
    if not user.isAuthenticatedIntegrator:
        return jsonify({
            'success': False,
            'error': "User not authenticated by integrator nor admin"
        })

    if not user.isAuthenticatedAdmin:
        return jsonify({
            'success': False,
            'error': "User not authenticated by admin"
        })

    # Tells the client whether the account is of the 'Integrator' type.
    integrator_token = user.user_type == 'Integrator'

    # Tokens issued here expire after twelve hours.
    access_token = create_access_token(identity=username,
                                       expires_delta=timedelta(hours=12))
    # Record the token so it can be looked up (and revoked) later.
    add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM'])

    return jsonify({
        'success': True,
        'error': "",
        'access_token': access_token,
        'integrator_token': integrator_token
    })
def refresh():
    """Mint a new access token for the identity carried by the current JWT.

    Mirrors the login flow: the identity is read with ``get_jwt_identity``,
    a new access token is created for it, the token is recorded through
    ``add_token_to_database``, and it is returned with status 201.

    NOTE(review): no decorator is visible on this function here. It
    presumably sits behind a refresh-token check registered elsewhere;
    confirm that it cannot be reached without a valid, unrevoked token.
    """
    identity = get_jwt_identity()
    new_access_token = create_access_token(identity=identity)

    # Store the new token as well, so it is covered by revocation checks.
    add_token_to_database(new_access_token, app.config['JWT_IDENTITY_CLAIM'])

    payload = {'access_token': new_access_token}
    return jsonify(payload), 201
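def handle_user_login():
    """Validate email/password from the JSON body and set JWT access cookies.

    Responses are JSON objects with a single ``result`` message:

    * 400: no JSON body, body is not an object, a required key is missing,
      a credential is empty, or the email fails ``validate_email_syntax``.
    * 401: unknown email or wrong password (same status and message for
      both, so the reply does not reveal which accounts exist).
    * 200: credentials accepted. The access token is recorded via
      ``add_token_to_database`` and attached with ``set_access_cookies``.

    NOTE(review): the user object itself is passed to
    ``create_access_token``. This presumably relies on an identity loader
    configured elsewhere; confirm.
    """
    headers = {"Content-Type": "application/json"}

    def reply(status_code, message):
        # All replies share the same JSON envelope and headers.
        return make_response(
            json.dumps({"result": message}), status_code, headers)

    login_input = request.json
    if not login_input:
        return reply(
            400,
            "HTTP_400_BAD_REQUEST. no json data in request... "
            "what are you trying to register?")

    # A JSON array or string can pass a bare issubset() test and then fail on
    # key lookup, so require an object before looking at its keys.
    if (not isinstance(login_input, dict)
            or not {"email", "password"}.issubset(login_input)):
        return reply(
            400,
            "HTTP_400_BAD_REQUEST. a key is missing or was misspelled...")

    email = login_input["email"]
    password = login_input["password"]
    # The submitted credentials are deliberately never printed or logged:
    # writing the plaintext password to stdout would leak it into log files.
    if not (email and password):
        return reply(400, "HTTP_400_BAD_REQUEST. empty credentials...")

    if not validate_email_syntax(email):
        return reply(400, "HTTP_400_BAD_REQUEST. invalid email syntax...")

    requesting_user = User.query.filter_by(email=email).first()
    # Unknown account and wrong password get the same 401. The unknown-account
    # branch used to send 404 with this 401 message, which contradicted its
    # own body and let callers enumerate registered emails.
    if not requesting_user or not requesting_user.check_password(password):
        return reply(401, "HTTP_401_UNAUTHORIZED. bad credentials...")

    access_token = create_access_token(requesting_user)
    # Record the token so it can be revoked later. Only an access token is
    # issued here; no refresh token is created.
    add_token_to_database(access_token, app.config["JWT_IDENTITY_CLAIM"])

    auth_response = reply(
        200,
        "HTTP_200_0K. user is verified, JWT cookies set on your browser")
    set_access_cookies(auth_response, access_token)
    return auth_response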