def create_blacklisted_token(e, token):
    """Build (but do not persist) a ``BlackListTokenModel`` for a rejected token.

    ``e`` is the exception that rejected ``token``:

    * ``ExpiredToken`` -> the token's claims are re-read with
      ``UserModel.decode_expired_token`` and the entry is keyed on the
      ``token_id`` claim;
    * ``InvalidToken`` -> the entry stores the raw token string. That string
      never passed verification, so it is attacker-controlled input being
      written to the table; it can never validate anyway, so the entry
      mainly costs a row per bad request (NOTE(review): no length bound is
      visible here -- confirm the column/route limits it).

    Any other exception type yields ``None``; callers must not hand that to
    ``db.session.add``.
    """
    if isinstance(e, ExpiredToken):
        claims = json.loads(UserModel.decode_expired_token(token))
        return BlackListTokenModel(token_id=claims.get('token_id'))
    if isinstance(e, InvalidToken):
        return BlackListTokenModel(token=token)
    return None
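def post(self):
    """Exchange a refresh token for new token(s).

    The refresh token is read from the request via ``get_token()`` and is
    untrusted input. Outcomes:

    * valid refresh token -> 200 with a new access token;
    * expired refresh token -> 200 with a new access *and* refresh token; the
      old token's ``token_id`` is blacklisted and ``user.token_id`` is pointed
      at the new one in the same commit;
    * token that fails verification, or one that resolves to no user ->
      403 ``UnauthorizedAccess`` (a failed token is also recorded in the
      blacklist table);
    * blacklisted token or any unexpected error -> 500.

    Compared with the previous version: a token whose ``name`` claim matches
    no user no longer turns into an ``AttributeError`` that either leaks the
    Python error text in a 500 body or escapes the handler entirely, and an
    unexpected exception's text is no longer echoed to the caller.
    """
    token = get_token()

    def _unauthorized():
        # One refusal body for "bad token" and "token names no user", so the
        # response does not reveal which of the two happened.
        response_obj = dict(status='Fail',
                            message=str(UnauthorizedAccess()),
                            error=UnauthorizedAccess.__name__)
        return make_response(jsonify(response_obj), 403)

    try:
        payload_dict = json.loads(UserModel.decode_refresh_token(token))
        user = UserModel.query.filter_by(
            public_id=payload_dict.get('name')).first()
        if user is None:
            return _unauthorized()
        access_token = user.encode_access_token(user.username)
        response_obj = dict(status='Success',
                            message='Generated new access token',
                            refresh_token_renewed=False,
                            access_token=access_token.decode())
        return make_response(jsonify(response_obj), 200)
    except ExpiredToken:
        # The token's signature held but its `exp` has passed, so its claims
        # are re-read via decode_expired_token and a fresh pair is issued.
        # NOTE(review): nothing here compares the presented token_id with
        # user.token_id; whether a rotated-out refresh token is refused
        # depends on decode_expired_token consulting the blacklist -- confirm.
        # Rotation on expiry also means a refresh token can be renewed for as
        # long as it keeps being presented; no absolute session lifetime is
        # enforced in this handler.
        payload_dict = json.loads(UserModel.decode_expired_token(token))
        user = UserModel.query.filter_by(
            public_id=payload_dict.get('name')).first()
        if user is None:
            return _unauthorized()
        access_token, refresh_token, refresh_token_id = user.encode_auth_tokens(
            user.username)
        # Retire the old refresh token and record the new one in one commit.
        db.session.add(BlackListTokenModel(
            token_id=payload_dict.get('token_id')))
        user.token_id = refresh_token_id
        db.session.commit()
        response_obj = dict(
            status='Success',
            message='Generated new refresh and access tokens',
            refresh_token_renewed=True,
            access_token=access_token.decode(),
            refresh_token=refresh_token.decode())
        return make_response(jsonify(response_obj), 200)
    except InvalidToken as err:
        # Verification failed. create_blacklisted_token stores the raw,
        # unverified string; it can never validate, so the entry mainly
        # costs a row per bad request.
        db.session.add(create_blacklisted_token(err, token))
        db.session.commit()
        return _unauthorized()
    except BlacklistedToken as err:
        # NOTE(review): a revoked token is a client-side condition, but the
        # existing contract answers 500; kept as-is for compatibility.
        response_obj = dict(status='Fail', message=str(err),
                            error=BlacklistedToken.__name__)
        return make_response(jsonify(response_obj), 500)
    except Exception:
        # Deliberately not str(err): the text of an unexpected exception
        # (DB errors, attribute errors, ...) describes server internals.
        response_obj = dict(status='Fail',
                            message='Internal server error',
                            error=OtherError.__name__)
        return make_response(jsonify(response_obj), 500)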
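def test_decode_expired_token(self):
    """``decode_expired_token`` must return the claims of an *expired* refresh token.

    Mints a refresh token for a fresh user, rewrites its ``exp`` 32 minutes
    into the past, re-signs it with HS256, and checks that
    ``decode_expired_token`` still yields the ``sub`` claim as ``name`` and
    the ``jti`` claim as ``token_id``.
    """
    user = UserModel(username='******', password='******')
    db.session.add(user)
    db.session.commit()
    _, refresh_token, refresh_token_id = user.encode_auth_tokens(
        user.username)
    self.assertIsInstance(refresh_token, bytes)
    # Pin the accepted algorithm: PyJWT >= 2 refuses to decode without
    # `algorithms=`, and on older versions omitting it lets the token header's
    # `alg` drive verification. HS256 is what the token is re-signed with
    # below, so the test's assumption is stated explicitly.
    payload = jwt.decode(refresh_token, key, algorithms=['HS256'])
    payload['exp'] = datetime.datetime.utcnow() - datetime.timedelta(
        minutes=32)
    token = jwt.encode(payload, key, algorithm='HS256')
    response = UserModel.decode_expired_token(token)
    resp = json.loads(response)
    self.assertEqual(resp.get('name'), payload.get('sub'))
    self.assertEqual(resp.get('token_id'), payload.get('jti'))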