def _get_jwt():
    """Mint the HS256-signed JWT for the secure-message service.

    Decodes the access token held in the session, copies its ``user_id``
    claim into ``party_id``, and signs the result with the shared secret
    from ``SECURE_MESSAGE_JWT_SECRET``.

    Returns:
        The encoded token as produced by ``jwt.encode``.
    """
    # NOTE(review): session.get() yields None when no token is stored; nothing
    # here guards that case, so behaviour depends on decode_access_token.
    claims = token_decoder.decode_access_token(session.get('token'))

    # The role claim is fixed to 'internal' for every caller of this helper.
    # NOTE(review): a missing 'user_id' claim is not rejected here and would be
    # signed as party_id=None - confirm the decoder guarantees the claim.
    payload = {'party_id': claims.get('user_id'), 'role': 'internal'}

    # Symmetric (HS256) signing: whoever holds this secret can mint tokens, so
    # it must stay out of logs and error output.
    signing_key = current_app.config['SECURE_MESSAGE_JWT_SECRET']
    sm_token = jwt.encode(payload, signing_key, algorithm='HS256')

    # Only the user id is logged - never the token or the secret.
    logger.info("Retrieving current token for user", user_id=current_user.id)
    return sm_token
def _get_jwt() -> str:
    """Return a signed JWT identifying the current user to secure-message.

    The ``user_id`` claim of the session's access token becomes ``party_id``
    and the role is set to ``internal``; the claims are signed with HS256
    using the ``SECURE_MESSAGE_JWT_SECRET`` config value.
    """
    access_token = session.get("token")
    # NOTE(review): access_token is None when the session holds no token; this
    # function does not check for that before decoding.
    uaa_claims = token_decoder.decode_access_token(access_token)

    # NOTE(review): .get() does not fail on a missing claim, so an absent
    # 'user_id' would be signed as party_id=None - confirm upstream validation.
    sm_claims = {"party_id": uaa_claims.get("user_id"), "role": "internal"}

    # HS256 is symmetric: the same secret signs and verifies, so it must be
    # treated as a credential and kept out of logs.
    sm_token = jwt.encode(
        sm_claims,
        current_app.config["SECURE_MESSAGE_JWT_SECRET"],
        algorithm="HS256",
    )

    # Log the user id only; the token itself is deliberately not logged.
    logger.info("Retrieving current token for user", user_id=current_user.id)
    return sm_token
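def sign_in():
    """Handle the sign-in form and establish the user's session.

    Already-authenticated users are redirected home. On a valid form
    submission the credentials are passed to ``uaa_controller.sign_in``, the
    returned access token is decoded for its ``user_id`` claim, and the token,
    username and user id are stored in the session before ``login_user`` is
    called. Otherwise the sign-in page is rendered, with
    ``failed_authentication=True`` when a flashed message carries that marker.

    Returns:
        A redirect response on success, or the rendered ``sign_in.html``.

    Raises:
        Aborts with HTTP 500 when the access token cannot be decoded.
    """
    form = LoginForm(request.form)
    if current_user.is_authenticated:
        return redirect(url_for("home_bp.home"))

    if form.validate_on_submit():
        username = request.form.get("username")
        password = request.form.get("password")
        logger.info("Retrieving sign-in details")
        access_token = uaa_controller.sign_in(username, password)
        try:
            logger.info("Successfully retrieved sign-in details")
            token = token_decoder.decode_access_token(access_token)
            user_id = token.get("user_id")
        except DecodeError:
            # The access token is a bearer credential. A decode failure here
            # points at a local key misconfiguration, so the token may still be
            # valid at the issuer; it is therefore kept out of the log event.
            logger.error(
                "Unable to decode token - confirm the UAA public key is correct")
            abort(500)
        else:
            # store the token in the session (it's server side and stored in redis)
            # NOTE(review): the session is not cleared or re-issued before the
            # token is stored - confirm the session interface rotates the
            # session identifier on login.
            session["token"] = access_token
            session["username"] = username
            session["user_id"] = user_id
            user = User(user_id, username)
            login_user(user)
            if "next" in session:
                # NOTE(review): the redirect target is taken from the session
                # unchanged; confirm whatever sets 'next' restricts it to
                # same-site paths.
                return redirect(session["next"])
            return redirect(url_for("home_bp.home"))

    is_role_based_access_enabled = current_app.config[
        "IS_ROLE_BASED_ACCESS_ENABLED"]

    # With with_categories=True each entry is a (category, message) tuple, so
    # the membership test matches an element equal to the marker string.
    for message in get_flashed_messages(with_categories=True):
        if "failed_authentication" in message:
            return render_template(
                "sign_in.html",
                form=form,
                failed_authentication=True,
                is_role_base_access_enabled=is_role_based_access_enabled,
            )
    return render_template(
        "sign_in.html",
        form=form,
        is_role_base_access_enabled=is_role_based_access_enabled)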
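def sign_in():
    """Handle the sign-in form and establish the user's session.

    Already-authenticated users are redirected home. On a valid form
    submission the credentials are passed to ``uaa_controller.sign_in``, the
    returned access token is decoded for its ``user_id`` claim, and the token
    and username are stored in the session before ``login_user`` is called.
    Otherwise the sign-in page is rendered, with
    ``failed_authentication=True`` when a flashed message carries that marker.

    Returns:
        A redirect response on success, or the rendered ``sign_in.html``.

    Raises:
        Aborts with HTTP 500 when the access token cannot be decoded.
    """
    form = LoginForm(request.form)
    if current_user.is_authenticated:
        return redirect(url_for('home_bp.home'))

    if form.validate_on_submit():
        username = request.form.get('username')
        password = request.form.get('password')
        logger.info('Retrieving sign-in details')
        access_token = uaa_controller.sign_in(username, password)
        try:
            logger.info('Successfully retrieved sign-in details')
            token = token_decoder.decode_access_token(access_token)
            user_id = token.get('user_id')
        except DecodeError:
            # The access token is a bearer credential. A decode failure here
            # points at a local key misconfiguration, so the token may still be
            # valid at the issuer; it is therefore kept out of the log event.
            logger.error(
                "Unable to decode token - confirm the UAA public key is correct")
            abort(500)
        else:
            # store the token in the session (it's server side and stored in redis)
            # NOTE(review): the session is not cleared or re-issued before the
            # token is stored - confirm the session interface rotates the
            # session identifier on login.
            session['token'] = access_token
            session['username'] = username
            user = User(user_id, username)
            login_user(user)
            if 'next' in session:
                # NOTE(review): the redirect target is taken from the session
                # unchanged; confirm whatever sets 'next' restricts it to
                # same-site paths.
                return redirect(session['next'])
            return redirect(url_for('home_bp.home'))

    # With with_categories=True each entry is a (category, message) tuple, so
    # the membership test matches an element equal to the marker string.
    for message in get_flashed_messages(with_categories=True):
        if "failed_authentication" in message:
            return render_template('sign_in.html', form=form, failed_authentication=True)
    return render_template('sign_in.html', form=form)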