def wrapper(*args, **kwargs):
verify_jwt_in_request()
user = user_services.get_by_id(get_jwt_identity())
if kwargs.get('user_id') != user.id and user.is_admin == False:
return {'error': 'Unauthorized user'}, 401
else:
return func(*args, **kwargs)
def get(self):
user = user_services.get_by_id(get_jwt_identity())
output_schema = filters.get_schema(query_string=request.args,
schema_cls=UserOutputSchema)
output_fields = filters.get_fields(request.args)
response = output_schema.from_orm(user).dict(include=output_fields)
return response, 200
def token_refresh(user_id: int) -> Tuple[User, str, str]:
user = user_services.get_by_id(id=user_id)
token = jwt.create_access_token(
identity=user.id,
expires_delta=timedelta(minutes=config.JWT_EXPIRATION_TIME),
fresh=True)
refresh_token = jwt.create_refresh_token(
identity=user.id,
expires_delta=timedelta(minutes=config.JWT_REFRESH_EXPIRATION_TIME))
return user, token, refresh_token
def patch(self, user_id: int, data: UserPartialUpdateSchema):
user = user_services.get_by_id(user_id)
user = user_services.update(model_instance=user, data=data)
response = UserOutputSchema.from_orm(user).dict()
return response, 200