def extract_session_wrapper(*args, **kwargs):
session_key = request.cookies.get("authorization")
redis_session = Session.from_session_key(session_key)
encoded_jwt = redis_session.get_encoded_jwt()
if encoded_jwt:
logger.debug("Attempting to authorize token")
try:
jwt = decode(encoded_jwt, jwt_secret, algorithms="HS256")
logger.debug("Token decoded successfully")
except JWTError:
logger.warning("Unable to decode token")
raise JWTValidationError
else:
logger.warning("No authorization token provided")
flash("To help protect your information we have signed you out.", "info")
session["next"] = request.url
return redirect(url_for("sign_in_bp.login"))
if app.config["VALIDATE_JWT"]:
if validate(jwt):
redis_session.refresh_session()
return original_function(redis_session, *args, **kwargs)
else:
logger.warning("Token is not valid for this request")
raise JWTValidationError
def extract_session_wrapper(*args, **kwargs):
session_key = request.cookies.get('authorization')
session = Session.from_session_key(session_key)
encoded_jwt = session.get_encoded_jwt()
if encoded_jwt:
logger.debug('Attempting to authorize token')
try:
jwt = decode(encoded_jwt, jwt_secret, algorithms='HS256')
logger.debug('Token decoded successfully')
except JWTError:
logger.warning('Unable to decode token')
raise JWTValidationError
else:
logger.warning('No authorization token provided')
flash(
'To help protect your information we have signed you out.',
'info')
return redirect(url_for('sign_in_bp.login', next=request.url))
if app.config['VALIDATE_JWT']:
if validate(jwt):
session.refresh_session()
return original_function(session, *args, **kwargs)
else:
logger.warning('Token is not valid for this request')
raise JWTValidationError
def _create_get_conversation_headers(encoded_jwt=None):
try:
if encoded_jwt is None:
encoded_jwt = Session.from_session_key(
request.cookies['authorization']).get_encoded_jwt()
except KeyError:
logger.error('Authorization token missing in cookie')
raise AuthorizationTokenMissing
return {'Authorization': encoded_jwt}
def confirm_account_email_change(token):
logger.info("Attempting to confirm account email change", token=token)
try:
party_controller.verify_email(token)
except ApiError as exc:
# Handle api errors
if exc.status_code == 409:
logger.info(
"Expired account email change verification token",
token=token,
api_url=exc.url,
api_status_code=exc.status_code,
)
session_key = request.cookies.get("authorization")
session = Session.from_session_key(session_key)
session.delete_session()
return render_template(
"account/account-email-change-confirm-link-expired.html",
token=token)
elif exc.status_code == 404:
logger.warning(
"Unrecognised account email change verification token",
token=token,
api_url=exc.url,
api_status_code=exc.status_code,
)
abort(404)
else:
logger.info(
"Failed to verify account email change verification email",
token=token,
api_url=exc.url,
api_status_code=exc.status_code,
)
raise exc
# Successful account activation therefore redirect back to the login screen
session_key = request.cookies.get("authorization")
session = Session.from_session_key(session_key)
session.delete_session()
logger.info("Successfully verified email change on your account",
token=token)
return render_template("account/account-email-change-confirm.html")
def confirm_account_email_change(token):
if not app.config['ACCOUNT_EMAIL_CHANGE_ENABLED']:
abort(404)
logger.info('Attempting to confirm account email change', token=token)
try:
party_controller.verify_email(token)
except ApiError as exc:
# Handle api errors
if exc.status_code == 409:
logger.info('Expired account email change verification token',
token=token,
api_url=exc.url,
api_status_code=exc.status_code)
session_key = request.cookies.get('authorization')
session = Session.from_session_key(session_key)
session.delete_session()
return render_template(
'account/account-email-change-confirm-link-expired.html',
token=token)
elif exc.status_code == 404:
logger.warning(
'Unrecognised account email change verification token',
token=token,
api_url=exc.url,
api_status_code=exc.status_code)
abort(404)
else:
logger.info(
'Failed to verify account email change verification email',
token=token,
api_url=exc.url,
api_status_code=exc.status_code)
raise exc
# Successful account activation therefore redirect back to the login screen
session_key = request.cookies.get('authorization')
session = Session.from_session_key(session_key)
session.delete_session()
logger.info('Successfully verified email change on your account',
token=token)
return render_template('account/account-email-change-confirm.html')
def _create_send_message_headers():
try:
encoded_jwt = Session.from_session_key(
request.cookies['authorization']).get_encoded_jwt()
except KeyError:
logger.error('Authorization token missing in cookie')
raise AuthorizationTokenMissing
return {
'Authorization': encoded_jwt,
'Content-Type': 'application/json',
'Accept': 'application/json'
}
def test_unread_message_count(self):
session = Session.from_party_id("party")
session.save()
self.assertFalse(session.message_count_expired())
session.set_unread_message_total(5)
key = session.session_key
session_to_assert = Session.from_session_key(key)
self.assertEqual(session_to_assert.get_unread_message_count(), 5)
def test_from_session_key(self):
session = Session.from_party_id("party")
session.save()
session_key = session.session_key
session_from_redis = Session.from_session_key(session_key)
self.assertTrue(session_from_redis is not None)
decoded_jwt = session_from_redis.get_decoded_jwt()
self.assertEqual(decoded_jwt["party_id"], "party")
self.assertEqual(session_from_redis.get_party_id(), "party")
def _create_send_message_headers() -> dict:
try:
encoded_jwt = Session.from_session_key(
request.cookies["authorization"]).get_encoded_jwt()
except KeyError:
logger.error("Authorization token missing in cookie")
raise AuthorizationTokenMissing
return {
"Authorization": encoded_jwt,
"Content-Type": "application/json",
"Accept": "application/json"
}
def handle_csrf_error(error):
logger.warning("CSRF token has expired",
error_message=error.description,
status_code=error.code)
session_key = request.cookies.get("authorization")
session_handler = Session.from_session_key(session_key)
encoded_jwt = session_handler.get_encoded_jwt()
if not encoded_jwt:
return render_template("errors/400-error.html"), 400
else:
session["next"] = request.url
return redirect(url_for("sign_in_bp.logout", csrf_error=True))
def logout():
# Delete user session in redis
session_key = request.cookies.get('authorization')
session = Session.from_session_key(session_key)
session.delete_session()
if request.args.get('csrf_error'):
flash('To help protect your information we have signed you out.',
'info')
# Delete session cookie
response = make_response(
redirect(url_for('sign_in_bp.login', next=request.args.get('next'))))
response.set_cookie('authorization', value='', expires=0)
return response
def handle_csrf_error(error):
logger.warning('CSRF token has expired',
error_message=error.description,
status_code=error.code)
session_key = request.cookies.get('authorization')
session_handler = Session.from_session_key(session_key)
encoded_jwt = session_handler.get_encoded_jwt()
if not encoded_jwt:
return render_template('errors/400-error.html'), 400
else:
return redirect(
url_for('sign_in_bp.logout', csrf_error=True, next=request.url))
def logout():
flashed_messages = get_flashed_messages(with_categories=True)
# Delete user session in redis
session_key = request.cookies.get("authorization")
session = Session.from_session_key(session_key)
session.delete_session()
if len(flashed_messages) > 0:
for category, message in flashed_messages:
flash(message=message, category=category)
if request.args.get("csrf_error"):
flash("To help protect your information we have signed you out.",
"info")
# Delete session cookie
response = make_response(
redirect(url_for("sign_in_bp.login", next=request.args.get("next"))))
response.delete_cookie("authorization")
return response
def test_get_message_count_from_session_if_persisted_by_api(self):
session = Session.from_party_id("id")
session.set_unread_message_total(1)
session_key = session.session_key
session_under_test = Session.from_session_key(session_key)
with responses.RequestsMock() as rsps:
rsps.add(rsps.GET,
url_get_conversation_count,
json=message_count,
status=200,
headers={'Authorisation': 'token'},
content_type='application/json')
with app.app_context():
count = conversation_controller.get_message_count_from_api(
session_under_test)
self.assertEqual(3,
session_under_test.get_unread_message_count())