def tokengetter(access_token=None, refresh_token=None):
    """
    Look up the token record for a submitted access token or refresh token.

    The access token takes precedence when both values are supplied.

    :param access_token: Access token string, handed to ``AccessToken.from_jwt``.
    :param refresh_token: Refresh token value used to find a stored ``RefreshToken``.
    :returns: The result of ``AccessToken.from_jwt`` for an access token, the
        first matching ``RefreshToken`` for a refresh token, or ``None`` when
        neither value is truthy.
    """
    if access_token:
        # NOTE(review): signature and expiry validation are presumably done
        # inside AccessToken.from_jwt; nothing is checked here. Confirm.
        return AccessToken.from_jwt(access_token)
    if not refresh_token:
        return None
    # The lookup matches on the token value only; no expiry or revocation
    # filter is applied in this function.
    return RefreshToken.query(refresh_token=refresh_token).first()
def tokensetter(token, request, *args, **kwargs):
    """
    Persist the refresh token issued for a grant.

    Nothing is stored when the grant type is ``"refresh_token"``, so a refresh
    token returned by a refresh grant is not written by this function.

    :param token: Token dictionary containing access and refresh tokens, plus
        token type. Only ``token["refresh_token"]`` is read.
    :param request: Request object containing information about the client and
        user. ``request.grant_type`` and ``request.user.id`` are read.
    """
    if request.grant_type == "refresh_token":
        return

    # NOTE(review): the refresh token value is passed to the model unchanged;
    # whether it is hashed at rest depends on RefreshToken, not shown here.
    record = RefreshToken(
        refresh_token=token["refresh_token"],
        user_id=request.user.id,
    )
    db.session.add(record)
    db.session.commit()
def test_refresh_token_is_deleted_when_user_is_deleted(db_session):
    """Deleting a user must also remove the refresh tokens that belong to them."""
    user = users.john()
    db_session.add(RefreshToken(refresh_token='secret123', user=user))
    db_session.commit()
    # Capture the id before the delete so the later queries do not depend on
    # the state of the deleted instance.
    user_id = user.id

    def row_count(model, **criteria):
        return db_session.query(model).filter_by(**criteria).count()

    assert row_count(User, id=user_id) == 1
    assert row_count(RefreshToken, user_id=user_id) == 1

    db_session.delete(user)

    # A refresh token row left behind after its user is gone would be an
    # orphaned credential, so both counts must drop to zero.
    assert row_count(User, id=user_id) == 0
    assert row_count(RefreshToken, user_id=user_id) == 0