def get(self):
# get the auth token
auth_header = request.headers.get('Authorization')
if auth_header:
auth_token = auth_header.split(" ")[1]
else:
auth_token = ''
if auth_token:
resp = User.decode_token(auth_token, 'access')
if not isinstance(resp, str):
user = User.query.filter_by(id=resp['sub']).first()
responseObject = {
'status': 'success',
'data': {
'user_id': user.id,
'email': user.email,
'admin': user.admin,
'registered_on': user.registered_on
}
}
return make_response(jsonify(responseObject)), 200
responseObject = {'status': 'fail', 'message': resp}
return make_response(jsonify(responseObject)), 401
else:
responseObject = {
'status': 'fail',
'message': 'Provide a valid access token.'
}
return make_response(jsonify(responseObject)), 401
def post(self):
# get auth token
auth_header = request.headers.get('Authorization')
if auth_header:
auth_token = auth_header.split(" ")[1]
else:
auth_token = ''
if auth_token:
resp = User.decode_token(auth_token, 'refresh')
if not isinstance(resp, str):
# mark the token as blacklisted
blacklist_token = BlacklistToken(token=auth_token)
try:
# insert the token
db.session.add(blacklist_token)
db.session.commit()
responseObject = {
'status': 'success',
'message': 'Successfully logged out.'
}
return make_response(jsonify(responseObject)), 200
except Exception as e:
responseObject = {'status': 'fail', 'message': e}
return make_response(jsonify(responseObject)), 200
else:
responseObject = {'status': 'fail', 'message': resp}
return make_response(jsonify(responseObject)), 401
else:
responseObject = {
'status': 'fail',
'message': 'Provide a valid auth token.'
}
return make_response(jsonify(responseObject)), 403
def post(self):
# get the refresh token
auth_header = request.headers.get('Authorization')
if auth_header:
refresh_token = auth_header.split(" ")[1]
else:
refresh_token = ''
if refresh_token:
resp = User.decode_token(refresh_token, 'refresh')
if not isinstance(resp, str):
responseObject = {
'status':
'success',
'message':
'successfully created new access token',
'access_token':
(User.encode_access_token(resp['sub'])).decode()
}
return make_response(jsonify(responseObject)), 200
else:
responseObject = {
'status': 'fail',
'message': 'Provide a valid auth token.'
}
return make_response(jsonify(responseObject)), 401
else:
responseObject = {
'status': 'fail',
'message': 'Provide a valid refresh token.'
}
return make_response(jsonify(responseObject)), 403
def protected_resource(auth_token,
authorized_callback,
token_needed='access',
unauthorized_callback=default_unauthorized_callback):
"""
Method used to protect a resource. This is used in a view to determine whether they are authorized or unauthorized. User passes an$
:param auth_token: Token the user is attempting to authorized with.
:param authorized_callback: This is a callback method we used to return a json string to the view to be presented. The callback me$
:param unauthorized_callback: If there is still information that we want to present if the token is not authorized we can pass a c$
"""
# If a valid auth_token is present
if auth_token:
auth_token = auth_token.split(" ")[1]
resp = User.decode_token(auth_token, token_needed)
#when decoding the token, if the response is not a string, else we have an error and pass it to the default_expired_token_$
if not isinstance(resp, str):
return authorized_callback(resp)
elif resp == 'Expired':
return default_needs_fresh_token_callback
return unauthorized_callback('Unauthorized')
else:
return unauthorized_callback('Unauthorized')