def try_refresh_token(self, session_id):
morsel = context.cookies.get(self.refresh_token_key)
if not morsel or morsel.value is None or not morsel.value.strip():
self.bad()
return
refresh_token_encoded = morsel.value
# Decoding the refresh token
try:
refresh_principal = JwtRefreshToken.load(refresh_token_encoded)
self.ok(self.create_principal(member_id=refresh_principal.id,
session_id=session_id),
setup_header=True)
except itsdangerous.SignatureExpired:
self.bad()
except itsdangerous.BadData:
self.bad()
raise HttpBadRequest()
def try_refresh_token(self, session_id):
morsel = context.cookies.get(self.refresh_token_key)
if not morsel:
return self.bad()
if settings.jwt.refresh_token.secure \
and context.request_scheme != 'https':
raise HTTPBadRequest('not allowed')
if morsel.value is None or not morsel.value.strip():
return self.bad()
refresh_token_encoded = morsel.value
# Decoding the refresh token
try:
refresh_principal = JwtRefreshToken.load(refresh_token_encoded)
self.ok(self.create_principal(member_id=refresh_principal.id,
session_id=session_id),
setup_header=True)
except itsdangerous.SignatureExpired:
self.bad()
except itsdangerous.BadData:
self.bad()
raise HTTPBadRequest()
def create_refresh_principal(self, member_id=None):
return JwtRefreshToken(dict(id=member_id))
def create_refresh_principal(self):
return JwtRefreshToken(dict(id=self.id))