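def user_login(username, password):
    """Authenticate a user and issue an access/refresh token pair.

    Args:
        username: Login name supplied by the client (untrusted).
        password: Plaintext password supplied by the client (untrusted).

    Returns:
        On success, a dict with ``message``, ``access_token``,
        ``refresh_token`` and ``expires`` (no explicit status code).
        On any authentication failure, the tuple
        ``({'message': 'Wrong credentials'}, 403)``.
    """
    current_user = User.find_by_username(username)

    # An unknown account and a wrong password share one response on purpose:
    # a distinct message or status per case tells an unauthenticated caller
    # which usernames are registered. 403 is used because it is what clients
    # already receive for a bad password; 401 is the conventional status for
    # failed authentication if the API contract can change.
    # NOTE(review): check_password() is skipped for unknown usernames, so
    # response time may still differ between the two cases; the hashing
    # helper is not visible here -- confirm and equalise if needed.
    # NOTE(review): no attempt throttling or lockout is visible in this
    # function -- confirm it is enforced elsewhere.
    if not current_user or not current_user.check_password(password):
        return {'message': 'Wrong credentials'}, 403

    access_lifetime = datetime.timedelta(
        seconds=int(JWT_ACCESS_TOKEN_EXPIRES))
    refresh_lifetime = datetime.timedelta(
        seconds=int(JWT_REFRESH_TOKEN_EXPIRES))

    # Tokens carry public_id as their identity, so any code that resolves
    # the token identity back to a user must look it up by the same field.
    access_token = create_access_token(
        identity=current_user.public_id,
        expires_delta=access_lifetime)
    refresh_token = create_refresh_token(
        identity=current_user.public_id,
        expires_delta=refresh_lifetime)

    return {
        'message': 'Logged in as {}'.format(current_user.username),
        'access_token': access_token,
        'refresh_token': refresh_token,
        'expires': JWT_ACCESS_TOKEN_EXPIRES,
    }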
def decorated(*args, **kwargs):
    """Run the wrapped callable ``f`` only for an admin user.

    Resolves the current token identity to a ``User`` and fails closed:
    a missing user yields 404, a non-admin user yields 401, and only
    otherwise is ``f`` called with the original arguments.
    """
    # NOTE(review): user_login on this page issues tokens with
    # identity=current_user.public_id, yet the lookup below treats the
    # identity as a username. Unless the two values coincide, this check
    # would reject every token -- confirm which field is intended.
    # NOTE(review): no token verification is visible in this fragment;
    # confirm it is applied before this wrapper runs.
    identity = get_jwt_identity()
    account = User.find_by_username(identity)

    if not account:
        return {'message': 'User not found !'}, 404

    if not account.admin:
        # 401 is what callers receive today; 403 is the conventional status
        # for an authenticated caller lacking privilege.
        denied = {
            'status': 'fail',
            'message': 'admin token required',
        }
        return denied, 401

    return f(*args, **kwargs)