Example #1
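def login():
    """Authenticate a user by e-mail and password and issue a JWT pair.

    Reads ``email`` and ``password`` from the JSON request body. On success
    the ids (jti) of the new access and refresh tokens are stored in Redis
    and both tokens are returned with status 201. Every failure path
    (missing or malformed body, non-string credentials, unknown or disabled
    account, wrong password) returns the same ``{'message': 'unauthorized'}``
    body with status 401, so body and status do not distinguish "no such
    account" from "wrong password".

    Returns:
        tuple: ``(response_dict, http_status_code)``.
    """
    response = dict()

    # The body is client-controlled: it may be absent or not a JSON object.
    payload = request.json
    if not isinstance(payload, dict):
        payload = {}

    email = payload.get('email')
    password = payload.get('password')

    # Accept plain, non-empty strings only. A JSON object or list in 'email'
    # would otherwise be placed into the lookup filter unchanged.
    user = None
    if isinstance(email, str) and isinstance(password, str) and email and password:
        user = User.find_one({'email': email, 'enabled': True})

    # find_one may yield no user; treat that exactly like a wrong password
    # instead of failing on None.verify_password.
    if user is not None and user.verify_password(password):
        # Creates session and persists it in Redis
        access_token = create_access_token(user.id)
        refresh_token = create_refresh_token(user.id)

        access_jti = get_jti(encoded_token=access_token)
        refresh_jti = get_jti(encoded_token=refresh_token)

        # 'false' presumably means "not revoked" (logout writes 'true').
        # The entry outlives the token by 20% so it cannot expire first.
        redis.set(access_jti, 'false',
                  ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES * 1.2)
        redis.set(refresh_jti, 'false',
                  ConfigJWT.JWT_REFRESH_TOKEN_EXPIRES * 1.2)

        response['access_token'] = access_token
        response['refresh_token'] = refresh_token
        # NOTE(review): this is a datetime object, not a number of seconds;
        # confirm the framework's JSON encoder can serialize it.
        response['expires_in'] = datetime.now(
        ) + ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES

        code = 201
    else:
        response['message'] = 'unauthorized'
        code = 401

    return response, code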
Example #2
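def refresh():
    """Issue a new access token for the identity carried by the current JWT.

    The new token's id (jti) is stored in Redis with the value 'false' and a
    TTL of 1.2 times the access-token lifetime, and that same token is
    returned to the client.

    Returns:
        tuple: ``(flask_response, 200)`` with ``access_token`` and
        ``expires_in`` in the JSON body.
    """
    current_user = get_jwt_identity()

    access_token = create_access_token(identity=current_user)
    access_jti = get_jti(encoded_token=access_token)

    redis.set(access_jti, 'false', ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES * 1.2)

    ret = {
        # Return the token whose jti was just stored. Creating a second token
        # here would hand the client a jti that Redis has never seen, so the
        # revocation store and the issued token would disagree.
        'access_token': access_token,
        'expires_in': datetime.now() + ConfigJWT.JWT_ACCESS_TOKEN_EXPIRES
    }
    return jsonify(ret), 200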
Example #3
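    def get(self):
        """Return all users, served from the Redis entry at ``self.path`` if present.

        On a cache miss the list is read with ``User.read()``, wrapped in the
        response envelope, stored in Redis as JSON and returned. On a hit the
        stored JSON is decoded and returned.

        Returns:
            tuple: ``(response_object, 200)``.
        """
        # One read instead of exists() followed by get(): the key can vanish
        # between the two calls, which would pass None to json.loads.
        cached = redis.get(self.path)

        if cached is None:
            app.logger.info("get UserList here")
            response_object = {
                "status": "success",
                "data": {
                    "users": User.read()
                },
                "message": "Get all users",
            }
            app.logger.info(response_object["message"])
            # NOTE(review): stored without an expiry, so the list stays as
            # cached until the key is removed elsewhere. The same cached body
            # is returned to every caller of this path; confirm access control
            # runs before this handler and that User.read() omits credential
            # fields.
            redis.set(self.path, json.dumps(response_object))
        else:
            app.logger.info("read UserList from Redis")
            response_object = json.loads(cached)

        return response_object, 200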
Example #4
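def logout_refresh():
    """Mark the token of the current request as revoked in Redis.

    Stores 'true' under the token's jti, then confirms the logout.

    Returns:
        tuple: ``(flask_response, 200)``.
    """
    jti = get_raw_jwt()['jti']

    # The revocation entry has to outlive the token it revokes. Going by the
    # function name this endpoint receives a refresh token (the decorator is
    # not visible here; confirm), and login() stores refresh jtis with the
    # refresh lifetime, so the same lifetime is used here. With the shorter
    # access-token TTL the 'true' marker would expire while the refresh token
    # is still within its validity period.
    redis.set(jti, 'true', ConfigJWT.JWT_REFRESH_TOKEN_EXPIRES * 1.2)

    return jsonify({"msg": "Successfully logged out"}), 200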