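def login():
    """Authenticate a user by email and password and issue a JWT pair.

    Reads ``email`` and ``password`` from the JSON request body, looks up an
    enabled user with that email and verifies the password. On success both
    token identifiers (jti) are recorded in Redis and the tokens are returned.

    Returns:
        A ``(response, code)`` tuple: ``201`` with ``access_token``,
        ``refresh_token`` and ``expires_in`` on success, otherwise ``401``
        with ``message`` set to ``'unauthorized'``.
    """
    response = dict()

    # A missing or non-object JSON body is treated as "no credentials".
    payload = request.json
    if not isinstance(payload, dict):
        payload = {}
    email = payload.get('email')
    password = payload.get('password')

    # Only plain strings are accepted as credentials. A JSON object or list
    # placed straight into the lookup filter could be interpreted by the
    # datastore as a query expression rather than a literal value.
    user = None
    if isinstance(email, str) and isinstance(password, str):
        user = User.find_one({'email': email, 'enabled': True})

    # An unknown or disabled account must end in the same 401 as a wrong
    # password instead of raising on a missing user object.
    # NOTE(review): this path skips verify_password, so its response time
    # differs from a wrong-password attempt; no attempt throttling is visible
    # in this handler - confirm rate limiting is applied elsewhere.
    if user is not None and user.verify_password(password):
        # Creates session and persists it in Redis
        access_token = create_access_token(user.id)
        refresh_token = create_refresh_token(user.id)

        access_jti = get_jti(encoded_token=access_token)
        refresh_jti = get_jti(encoded_token=refresh_token)

        # Each jti is stored as 'false' with a TTL of 1.2x the token lifetime.
        # Presumably 'false' means "not revoked"; confirm against the
        # blocklist callback.
        redis.set(access_jti, 'false',
                  ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES * 1.2)
        redis.set(refresh_jti, 'false',
                  ConfigJWT.JWT_REFRESH_TOKEN_EXPIRES * 1.2)

        response['access_token'] = access_token
        response['refresh_token'] = refresh_token
        response['expires_in'] = (
            datetime.now() + ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES
        )
        code = 201
    else:
        response['message'] = 'unauthorized'
        code = 401

    return response, code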
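def refresh():
    """Issue a new access token for the identity in the current JWT.

    The new token's jti is recorded in Redis with the value ``'false'`` and a
    TTL of 1.2x the access-token lifetime, and that same token is returned.

    Returns:
        A ``(json_response, 200)`` tuple carrying ``access_token`` and
        ``expires_in``.
    """
    current_user = get_jwt_identity()

    access_token = create_access_token(identity=current_user)
    access_jti = get_jti(encoded_token=access_token)
    redis.set(access_jti, 'false', ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES * 1.2)

    # Return the token whose jti was just registered. Creating a second token
    # for the response would hand the client one with no Redis entry, so it
    # could not be tracked or revoked through the store.
    ret = {
        'access_token': access_token,
        'expires_in': datetime.now() + ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES
    }
    return jsonify(ret), 200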
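def get(self):
    """Return the user list, served from Redis when a cached copy exists.

    The cache key is ``self.path``. On a miss the list is read through
    ``User.read()``, wrapped in the response envelope, and stored in Redis as
    JSON before being returned.

    Returns:
        A ``(response_object, 200)`` tuple.
    """
    # A single GET replaces the exists-then-get pair, so a key removed
    # between the two calls can no longer reach json.loads as None.
    cached = redis.get(self.path)

    if cached is None:
        app.logger.info("get UserList here")
        response_object = {
            "status": "success",
            "data": {
                "users": User.read()
            },
            "message": "Get all users",
        }
        app.logger.info(response_object["message"])
        # NOTE(review): the entry is written without a TTL and no invalidation
        # is visible here, so user changes may not appear until the key is
        # cleared elsewhere. Also confirm User.read() omits credential fields
        # before the result is cached and returned.
        redis.set(self.path, json.dumps(response_object))
    else:
        app.logger.info("read UserList from Redis")
        response_object = json.loads(cached)

    return response_object, 200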
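def logout_refresh():
    """Flag the current token's jti in Redis and confirm the logout.

    Writes ``'true'`` under the jti of the JWT attached to the request.
    Presumably ``'true'`` marks the token as revoked; confirm against the
    blocklist callback.

    Returns:
        A ``(json_response, 200)`` tuple with a confirmation message.
    """
    jti = get_raw_jwt()['jti']

    # The marker has to outlive the token it flags. login() stores refresh
    # jtis with the refresh lifetime, so the same TTL is used here; the
    # shorter access lifetime would let the marker expire while the refresh
    # token is still within its validity period.
    # NOTE(review): assumes this endpoint receives a refresh token, as its
    # name suggests - confirm the decorator on the route.
    redis.set(jti, 'true', ConfigJWT.JWT_REFRESH_TOKEN_EXPIRES * 1.2)

    return jsonify({"msg": "Successfully logged out"}), 200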