def tokengetter(access_token=None, refresh_token=None):
""" Retrieve a token record using submitted access token or refresh token. """
if access_token:
return AccessToken.from_jwt(access_token)
elif refresh_token:
return RefreshToken.query(refresh_token=refresh_token).first()
def tokengetter(access_token=None, refresh_token=None):
""" Retrieve a token record using submitted access token or refresh token. """
if access_token:
return AccessToken.from_jwt(access_token)
elif refresh_token:
return RefreshToken.query(refresh_token=refresh_token).first()
def tokensetter(token, request, *args, **kwargs):
""" Save a new token to the database.
:param token: Token dictionary containing access and refresh tokens, plus token type.
:param request: Request dictionary containing information about the client and user.
"""
if request.grant_type != "refresh_token":
tok = RefreshToken(
refresh_token=token["refresh_token"], user_id=request.user.id
)
db.session.add(tok)
db.session.commit()
def test_refresh_token_is_deleted_when_user_is_deleted(db_session):
john = users.john()
token = RefreshToken(refresh_token='secret123', user=john)
db_session.add(token)
db_session.commit()
john_id = john.id
assert db_session.query(User).filter_by(id=john_id).count() == 1
assert db_session.query(RefreshToken).filter_by(user_id=john_id).count() == 1
db_session.delete(john)
assert db_session.query(User).filter_by(id=john_id).count() == 0
assert db_session.query(RefreshToken).filter_by(user_id=john_id).count() == 0