def post(self):
jti = get_raw_jwt()["jti"]
try:
TokenModel.revoke_token(jti=jti)
return jsonify({"msg": "Refresh token revoked."}), 200
except TokenNotFound:
return jsonify({"msg": "The specified token was not found"}), 404
def post(self):
if not request.is_json:
return {"msg": "Missing JSON in request"}, 400
username = request.json.get("username", None)
password = request.json.get("password", None)
if not username:
return {"msg": "Missing username parameter"}, 400
if not password:
return {"msg": "Missing password parameter"}, 400
user = UserModel.find_by_username(username)
if user and user.validate_password(password):
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
TokenModel.save_encoded_token_to_db(
access_token, current_app.config["JWT_IDENTITY_CLAIM"])
TokenModel.save_encoded_token_to_db(
refresh_token, current_app.config["JWT_IDENTITY_CLAIM"])
return (
{
"access_token": access_token,
"refresh_token": refresh_token
},
200,
)
return "Invalid username or password.", 400
def put(self, token_id):
json_data = request.get_json(silent=True)
if not json_data:
return jsonify({"msg": "Missing 'revoke' in body"}), 400
revoke = json_data.get("revoke", None)
if revoke is None:
return jsonify({"msg": "Missing 'revoke' in body"}), 400
if not isinstance(revoke, bool):
return jsonify({"msg": "'revoke' must be a boolean"}), 400
current_user = get_jwt_identity()
try:
if revoke:
TokenModel.revoke_token(token_id, current_user)
return jsonify({"msg": "Token revoked"}), 200
else:
TokenModel.unrevoke_token(token_id, current_user)
return jsonify({"msg": "Token unrevoked"}), 200
except TokenNotFound:
return jsonify({"msg": "The specified token was not found"}), 404
def test_auth_logout_refresh(self):
"""
Revoke refresh token first, then check accessibility
"""
self.client.post(
url_for("api.auth_logout_refresh_api"),
headers=self._set_auth_headers(self.token_refresh),
)
target_tokens = TokenModel.get_user_tokens(self.username)
self.assertTrue(target_tokens[1].revoked)
def test_auth_token_refresh(self):
"""
Refresh auth token first, then find that token
"""
json_post = self.client.post(
url_for("api.auth_token_refresh_api"),
headers=self._set_auth_headers(self.token_refresh),
).get_json()
access_token_jti = decode_token(json_post["access_token"])["jti"]
target_tokens = TokenModel.get_user_tokens(self.username)
self.assertIn(access_token_jti, [x.jti for x in target_tokens])
def test_auth_token_revoke(self):
"""
Revoke auth token first, then check all tokens
"""
self.client.put(
url_for("api.auth_token_revoke_api", token_id=2),
json=dict(revoke=True),
headers=self._set_auth_headers(self.token_access),
)
target_tokens = TokenModel.get_user_tokens(self.username)
self.assertTrue(target_tokens[1].revoked)
def test_auth_token(self):
"""
Create auth token first, then find that token
"""
json_post = self.client.post(
url_for("api.auth_token_api"),
json=dict(username=self.username, password=self.password),
headers=self._set_auth_headers(),
).get_json()
access_token_jti = decode_token(json_post["access_token"])["jti"]
refresh_token_jti = decode_token(json_post["refresh_token"])["jti"]
target_tokens = TokenModel.get_user_tokens(self.username)
self.assertIn(access_token_jti, [x.jti for x in target_tokens])
self.assertIn(refresh_token_jti, [x.jti for x in target_tokens])
def get(self):
current_user = get_jwt_identity()
all_tokens = TokenModel.get_user_tokens(current_user)
ret = [token.to_dict() for token in all_tokens]
return jsonify(ret), 200
def post(self):
current_user = get_jwt_identity()
access_token = create_access_token(identity=current_user)
TokenModel.save_encoded_token_to_db(
access_token, current_app.config["JWT_IDENTITY_CLAIM"])
return {"access_token": access_token}
def check_if_token_revoked(decoded_token):
return TokenModel.is_token_revoked(decoded_token)
def prunetoken():
"""Delete all the expired tokens in the db."""
TokenModel.prune_database_tokens()
click.echo("Deleted expired tokens.")