def login_cookies():
    """Issue an access and a refresh JWT for the fixed identity 'test' as cookies.

    Returns a ``(response, 200)`` pair whose JSON body is ``{'login': True}``.
    Per the original comment, the cookie helpers set the JWT cookies together
    with the CSRF double-submit cookies.

    NOTE(review): the identity is hard-coded and no credentials are checked,
    so this is only suitable as an example or test fixture. A real login
    view must authenticate the caller before minting tokens.
    """
    identity = 'test'

    # Mint both tokens first, in the same order as before.
    access_jwt = create_access_token(identity=identity)
    refresh_jwt = create_refresh_token(identity=identity)

    # Attach the tokens to the response as cookies rather than returning
    # them in the JSON body.
    response = jsonify({'login': True})
    set_access_cookies(response, access_jwt)
    set_refresh_cookies(response, refresh_jwt)
    return response, 200
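def refresh_expired_token(response):
    """Re-issue the access cookie when the current JWT expires within 30 minutes.

    Reads the ``exp`` claim of the JWT attached to the current request. If it
    falls inside the next 30 minutes, a new access token is created for the
    same identity and set on ``response`` as a cookie. The response is
    returned in every case.

    This is best effort: any ordinary failure (for example a request that
    carried no JWT, so there is no ``exp`` claim) leaves the response
    untouched.

    NOTE(review): this implements a sliding session. A client that keeps
    sending requests is re-issued tokens indefinitely, so pair it with an
    absolute session lifetime or server-side revocation if that matters.

    Args:
        response: the outgoing response object to decorate.

    Returns:
        The same ``response`` object, possibly with a fresh access cookie.
    """
    try:
        expires_at = get_raw_jwt()['exp']
        # Compare in UTC epoch seconds, the same unit as the ``exp`` claim.
        refresh_deadline = datetime.timestamp(
            datetime.now(timezone.utc) + timedelta(minutes=30)
        )
        if refresh_deadline > expires_at:
            access_token = create_access_token(identity=get_jwt_identity())
            set_access_cookies(response=response, encoded_access_token=access_token)
        return response
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit. Ordinary errors still fall through to the unchanged
        # response, but process-level signals now propagate.
        # NOTE(review): failures here are silent. Consider logging them so a
        # broken refresh path is visible to operators.
        return response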
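def post(self):
    """User's login view.

    Looks the user up case-insensitively by e-mail or username, checks the
    password, creates an access token and a ``Session`` record, and returns
    the marshalled user with the access token set as a cookie.

    Raises:
        The exception built by ``UserExceptions.wrong_login_creds()`` for a
        missing identifier or password, an unknown user and a wrong
        password. Using one error for every case avoids revealing which
        accounts exist.
    """
    args = user_login_parser.parse_args()

    # The parser may store None for an absent field, in which case
    # ``args.get("username", "")`` returns None and ``.lower()`` would raise.
    identifier = (args.get("username") or "").lower()
    password = args.get("password")

    # Reject absent credentials before touching the database. Without this,
    # a request with no password reaches ``user.password != None``, which is
    # False for any account whose stored password is NULL.
    if not identifier or not password:
        raise UserExceptions.wrong_login_creds()

    user: User = User.query.filter(
        or_(
            func.lower(User.email) == identifier,
            func.lower(User.username) == identifier,
        )).first()

    # NOTE(review): this compares the submitted password with ``!=``. It is
    # only safe if ``User.password`` is a hashing-aware type whose comparison
    # verifies against a stored hash. Confirm it is not a plaintext column.
    if not user or user.password != password:
        raise UserExceptions.wrong_login_creds()

    token = create_access_token(user)
    # Presumably serialised by ``user_model`` so the client can echo it in
    # the CSRF header. TODO confirm.
    user.token = get_csrf_token(token)

    # Record the session under the token's jti together with the request
    # metadata.
    user_session = Session(
        user=user,
        token=get_jti(token),
        **extract_request_info(request=request),
    )
    user_session.save(True)

    response = make_response(marshal(user, user_model))
    set_access_cookies(response=response, encoded_access_token=token)
    return response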
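def login():
    """Authenticate by e-mail and password and issue a 5-minute access token.

    On success the token is returned in the JSON body and also set as the
    access cookie. Failures return ``({"status": "fail", ...}, code)``:
    401 for missing, malformed or wrong credentials, 404 when no account has
    the given e-mail.

    NOTE(review): the 404 "Account does not exist" answer lets a caller tell
    registered e-mails from unregistered ones. It is kept because clients
    may depend on it, but a single 401 for both cases avoids account
    enumeration.

    NOTE(review): returning the token in the body as well as in the cookie
    makes it readable by page scripts, even if the cookie itself is
    HttpOnly. Drop the ``token`` field if clients only need the cookie.
    """
    body = request.get_json()
    # A missing or non-object JSON body used to crash on ``body.get``.
    if not isinstance(body, dict):
        body = {}

    email = body.get("email")
    password = body.get("password")

    # JSON lets the client send objects or arrays in these fields. Require
    # non-empty plain strings before they reach the lookup or the password
    # check.
    if not (isinstance(email, str) and email
            and isinstance(password, str) and password):
        return {
            "status": "fail",
            "message": 'Incorrect email or password!'
        }, 401

    try:
        user = User.objects.get(email=email)
    except DoesNotExist:
        return {"status": "fail", "message": "Account does not exist"}, 404

    if not user.check_password(password):
        return {
            "status": "fail",
            "message": 'Incorrect email or password!'
        }, 401

    # A short-lived token limits how long a stolen one stays useful.
    expires = datetime.timedelta(minutes=5)
    access_token = create_access_token(identity=str(user.id), expires_delta=expires)
    response = make_response({"status": "Success", "token": access_token})
    set_access_cookies(response, access_token)
    return response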
def refresh():
    """Mint a non-fresh access token for the current identity and set it as a cookie.

    Returns a ``(response, 200)`` pair whose JSON body is ``{'refresh': True}``.

    NOTE(review): no decorator is visible here. This presumably runs behind
    a refresh-token check, so confirm that at the route definition. The
    token is created with ``fresh=False``, so endpoints that require a fresh
    token should still force a full login.
    """
    current_identity = get_jwt_identity()
    new_access_jwt = create_access_token(current_identity, fresh=False)

    response = jsonify({'refresh': True})
    set_access_cookies(response, new_access_jwt)
    return response, 200
def bad_login():
    """Set an access cookie for the fixed identity 'test' with no checks.

    Returns a ``(response, 200)`` pair whose JSON body is ``{'login': True}``.
    Only the access cookie is set, with no refresh cookie.

    NOTE(review): the identity is hard-coded and nothing is authenticated,
    so this looks like a test fixture. It must not be reachable in a
    deployed application.
    """
    response = jsonify({'login': True})
    set_access_cookies(response, create_access_token('test'))
    return response, 200