def get_token_from_request():
    """Look up the access token named by the ``Authorization`` header.

    The raw header value is compared verbatim against ``Token.token``; no
    scheme prefix is stripped before the lookup.

    Returns:
        The ``Token`` row of type ``"access"`` whose value equals the header,
        or ``None`` when the header is absent or nothing matches.
    """
    # NOTE(review): ``valid_until`` is not consulted here, so an expired access
    # token is still returned -- confirm that every caller enforces expiry.
    header_value = request.headers.get("Authorization")
    if header_value is None:
        return None
    matches_value = Token.token == header_value
    is_access = Token.token_type == "access"
    return Token.get_or_none(matches_value & is_access)
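def refresh():
    """Exchange a refresh token for a new access/refresh token pair.

    Expects a JSON object body whose ``token`` field is a string holding a
    refresh token.

    Returns:
        A JSON response with ``success``, ``access_token`` and
        ``refresh_token`` (each with ``token`` and a ``valid_until``
        timestamp), or the matching ``errors`` response when the payload is
        malformed or the token is unknown or expired.
    """
    payload = request.get_json()
    # A body such as ``null`` or a JSON array parses fine but is not an
    # object; reject it (and non-string tokens) instead of failing with a
    # TypeError on the membership test or subscript below.
    if not isinstance(payload, dict) or not isinstance(payload.get("token"), str):
        return errors.wrong_payload("token")

    presented = payload["token"]
    actual_token = Token.get_or_none(
        (Token.token == presented) & (Token.token_type == "refresh")
    )
    if actual_token is None:
        return errors.token_invalid()
    if actual_token.valid_until < datetime.datetime.now():
        return errors.token_outdated()

    user = actual_token.user
    access_token = Token.generate_access_token(user)
    refresh_token = Token.generate_refresh_token(user)
    # NOTE(review): the presented refresh token is not revoked in this
    # function, so unless Token.generate_refresh_token() does it, the old
    # token stays usable until ``valid_until`` and can mint further pairs --
    # confirm, and consider deleting it once the new pair is issued.

    return jsonify({
        "success": 1,
        "access_token": {
            "token": access_token.token,
            "valid_until": access_token.valid_until.timestamp(),
        },
        "refresh_token": {
            "token": refresh_token.token,
            "valid_until": refresh_token.valid_until.timestamp(),
        },
    })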
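def valid():
    """Check whether the supplied access token is still valid.

    Expects a JSON object body whose ``token`` field is a string holding an
    access token.

    Returns:
        ``{"success": 1}`` as JSON when the token exists, is of type
        ``"access"`` and has not expired; otherwise the matching ``errors``
        response.
    """
    payload = request.get_json()
    # A body such as ``null`` or a JSON array parses fine but is not an
    # object; reject it (and non-string tokens) instead of failing with a
    # TypeError on the membership test or subscript below.
    if not isinstance(payload, dict) or not isinstance(payload.get("token"), str):
        return errors.wrong_payload("token")

    presented = payload["token"]
    actual_token = Token.get_or_none(
        (Token.token == presented) & (Token.token_type == "access")
    )
    if actual_token is None:
        return errors.token_invalid()
    if actual_token.valid_until < datetime.datetime.now():
        return errors.token_outdated()

    return jsonify({"success": 1})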
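def new_pass():
    """Set a new password for the user that owns the supplied token.

    Expects a JSON object body with string ``token`` and non-empty string
    ``password`` fields. On success the token is deleted, so it cannot be
    used a second time.

    Returns:
        ``{"success": 1}`` as JSON once the password is saved; otherwise the
        matching ``errors`` response.
    """
    payload = request.get_json()
    # A body such as ``null`` or a JSON array parses fine but is not an
    # object; reject it (and non-string fields) instead of failing with a
    # TypeError further down.
    if not isinstance(payload, dict) or not isinstance(payload.get("token"), str):
        return errors.wrong_payload("token")
    password = payload.get("password")
    # An empty or non-string value must never become the stored credential.
    if not isinstance(password, str) or not password:
        return errors.wrong_payload("password")

    # NOTE(review): unlike refresh() and valid(), this lookup does not filter
    # on ``Token.token_type``, so a token of any type (including an ordinary
    # access or refresh token) is accepted as authority to change the
    # password. Restrict it to the password-recovery token type -- the value
    # of that type is not visible in this file.
    token = Token.get_or_none(Token.token == payload["token"])
    if token is None:
        return errors.pass_recover_wrong_token()
    if token.valid_until < datetime.datetime.now():
        return errors.token_outdated()

    user = token.user
    # NOTE(review): the salt is a single application-wide config value shared
    # by every user; confirm salted() is a slow, purpose-built password hash.
    user.password = salted(password, current_app.config["PASSWORD_SALT"])
    user.save()
    # Single use: drop the token so the same value cannot reset the password
    # again.
    token.delete_instance()
    # NOTE(review): the user's other outstanding tokens are not revoked here
    # -- confirm whether sessions should survive a password change.

    return jsonify({"success": 1})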