def wrapper(*args, **kwargs):
        """Gate the wrapped view behind a valid, non-revoked auth token.

        Reads the token from the ``x-auth-token`` request header, decodes it,
        checks it against the revocation list, and only then calls ``func``
        with the decoded payload passed as the ``decoded_payload`` keyword.

        Returns:
            ``(body, status)`` with 401 for a missing or undecodable token,
            403 for a revoked token, 500 when the revocation lookup raises,
            otherwise whatever ``func`` returns.
        """
        auth_token = request.headers.get('x-auth-token')
        # An absent header (None) and an empty header are both rejected here.
        if not auth_token:
            return {'success': False, 'message': 'Please provide a token'}, 401

        decoded_payload = decode_auth_token(auth_token=auth_token)

        # A str result is treated as the decoder's error message, not a payload.
        # NOTE(review): that message is returned to the client verbatim; confirm
        # decode_auth_token only produces generic, non-sensitive text.
        if isinstance(decoded_payload, str):
            return {'success': False, 'message': decoded_payload}, 401

        # Fail closed: if the revocation lookup itself errors, the request is
        # refused with 500 rather than being allowed through unchecked.
        try:
            is_revoked = RevokedToken.check(token=auth_token)
        except Exception:
            db.session.rollback()
            return {
                'success': False,
                'message': 'Internal Server Error. Revoke check Error',
            }, 500

        if is_revoked:
            return {
                'success': False,
                'message': 'Revoked token. Please log in again',
            }, 403

        return func(*args, **kwargs, decoded_payload=decoded_payload)
    def verify(auth_token):
        """Validate ``auth_token`` and report which entity it belongs to.

        Args:
            auth_token: The token string to decode and check for revocation.

        Returns:
            ``(body, status)``: 401 with the decoder's message when decoding
            fails, 403 when the token is revoked, otherwise 200 with the
            payload's ``entity`` value.

        Raises:
            AppException: With status 500 when the revocation lookup raises.
        """
        decoded_payload = decode_auth_token(auth_token=auth_token)

        # A str result is treated as the decoder's error message, not a payload.
        if isinstance(decoded_payload, str):
            return {'success': False, 'message': decoded_payload}, 401

        # Fail closed: a lookup error is escalated, never read as "not revoked".
        # NOTE(review): unlike the sibling handlers, no db.session.rollback()
        # happens here; confirm the AppException handler cleans up the session.
        try:
            is_revoked = RevokedToken.check(token=auth_token)
        except Exception:
            raise AppException('Internal Server Error. Revoke Check Error',
                               500)

        if is_revoked:
            return {'success': False, 'message': 'Token revoked'}, 403

        return {'success': True, 'entity': decoded_payload['entity']}, 200
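    def logout_student(auth_token):
        """Log a student out by adding their token to the revocation list.

        Args:
            auth_token: The token string presented by the caller.

        Returns:
            ``(body, status)``: 401 when the token cannot be decoded, 403 when
            the token is not a student token or is already revoked, 500 when a
            database operation raises, and 200 once the token is revoked.
        """
        response = {}
        decoded_payload = decode_auth_token(auth_token=auth_token)

        # Error decoding token: a str result is the decoder's error message.
        if isinstance(decoded_payload, str):
            response['success'] = False
            response['message'] = decoded_payload
            return response, 401

        # Ensure this method logs out only students (payload must carry reg_no).
        if decoded_payload.get('reg_no') is None:
            # Fixed: this refusal used to report success=True alongside the 403,
            # so a client trusting the flag would read a denial as a logout.
            response['success'] = False
            # NOTE(review): the message text has a typo ('Unathorized'); left
            # unchanged in case clients match on it.
            response['message'] = 'Unathorized to perform action'
            return response, 403

        # Check revoked token. Fail closed: a lookup error yields 500 instead
        # of being treated as "not revoked".
        try:
            if RevokedToken.check(token=auth_token):
                response['success'] = False
                response['message'] = 'Revoked token. Please log in again'
                return response, 403
        except Exception:
            db.session.rollback()
            response['success'] = False
            response['message'] = 'Internal Server Error. Revoke check Error'
            return response, 500

        # Mark token as revoked and logout student.
        # NOTE(review): the full token string is handed to RevokedToken; confirm
        # how the model stores it and that entries are pruned after expiry.
        try:
            RevokedToken(token=auth_token).save()
        except Exception:
            # The token is NOT revoked on this path, so the caller must not
            # assume the session has ended.
            db.session.rollback()
            response['success'] = False
            response['message'] = 'Internal Server Error'
            return response, 500

        response['success'] = True
        response['message'] = 'Logged out successfully'
        return response, 200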