def resp_with_access_token(response, access_token):
    """Attach *access_token* to *response* as the ``access_token`` cookie.

    The cookie is always HttpOnly, so page script cannot read the token.
    The Secure flag, the lifetime and the cookie domain are read from the
    'api' configuration section ('jwt.secure', 'jwt.exp', 'jwt.domain').

    Returns the same *response* object so the call can be chained.
    """
    # An empty or unset 'jwt.domain' becomes None, i.e. no domain is passed.
    cookie_domain = get_config('api', 'jwt.domain') or None

    # Config-driven: a falsy 'jwt.secure' lets the token cookie travel over
    # plain HTTP, so this should be true everywhere except local development.
    secure_only = get_config('api', 'jwt.secure')

    issued_at = datetime.datetime.utcnow()
    lifetime = datetime.timedelta(seconds=get_config('api', 'jwt.exp'))

    # NOTE(review): no ``samesite`` argument is passed, so the cookie's
    # SameSite behaviour is whatever the framework/browser defaults to.
    # Confirm that cookie-authenticated endpoints have CSRF protection.
    response.set_cookie(
        key='access_token',
        value=access_token,
        secure=secure_only,
        httponly=True,
        expires=issued_at + lifetime,
        domain=cookie_domain)
    return response
def get_access_token(user_id):
    """Issue a signed JWT carrying *user_id* and an ``exp`` claim.

    The token expires 'jwt.exp' seconds from now (naive UTC clock) and is
    signed with the 'jwt.secret' value from the 'api' configuration section.
    """
    expires_at = datetime.datetime.utcnow() + datetime.timedelta(
        seconds=get_config('api', 'jwt.exp'))
    claims = {
        'exp': expires_at,
        'user_id': user_id,
    }
    # HS256 is a symmetric HMAC: the key that signs is the key that verifies,
    # so anything able to read 'jwt.secret' can mint valid tokens.
    signing_key = get_config('api', 'jwt.secret')
    return jwt.encode(claims, signing_key, algorithm='HS256')
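def get_payload(access_token):
    """Verify *access_token* and return its decoded claims.

    The signature is checked with the 'jwt.secret' value from the 'api'
    configuration section, and only HS256-signed tokens are accepted.

    Raises:
        TokenExpired: decoding raised ``ExpiredSignatureError``.
        TokenInvalid: the token could not be decoded or validated, or the
            decoded payload is empty or has no ``user_id`` claim.
    """
    try:
        # decode() takes its allow-list as ``algorithms`` (a list). A singular
        # ``algorithm=`` keyword is not that parameter: depending on the PyJWT
        # version it is ignored or rejected, so the HS256 restriction would
        # not be enforced. Pinning the list keeps verification from trusting
        # the ``alg`` value in the token's own header.
        payload = jwt.decode(
            access_token,
            get_config('api', 'jwt.secret'),
            algorithms=['HS256'])
    except ExpiredSignatureError:
        raise TokenExpired()
    except DecodeError:
        raise TokenInvalid()
    except jwt.InvalidTokenError:
        # Remaining validation failures (e.g. a token signed with an algorithm
        # outside the allow-list) are reported as an invalid token instead of
        # escaping as an unhandled library exception.
        raise TokenInvalid()

    # A verified token without a user id is of no use to callers.
    if not payload or 'user_id' not in payload:
        raise TokenInvalid()
    return payload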