Esempio n. 1
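 def post(self):
     """Authenticate a user from the JSON body and issue an access token.

     Reads ``username`` and ``password`` from ``request.json``, looks the
     user up by username and verifies the password with
     ``user.check_password``. On success the new token is recorded through
     ``add_token_to_database`` and returned as ``{'token': ...}``.

     Every failure (unknown user, wrong password, malformed request, or any
     other error raised while processing) yields the same plain-text
     message, so the response does not reveal which check failed.

     NOTE(review): the failure paths set no explicit status code, so the
     framework default (normally 200) applies. Clients and monitoring
     cannot tell a failed login from a successful one by status alone;
     consider returning 401 once callers are confirmed to tolerate it.
     """
     failure_message = "Invalid username/password supplied"
     try:
         user = User.query.filter_by(username=request.json['username']).first()
         if not (user and user.check_password(request.json['password'])):
             return failure_message
         access_token = create_access_token(identity=user.id)
         # Store the token in our store with a status of not currently revoked.
         add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM'])
         return jsonify({'token': access_token})
     except Exception:
         # Was a bare ``except:``, which also swallowed SystemExit and
         # KeyboardInterrupt. Ordinary errors still map to the generic
         # message, but interpreter-level exits now propagate.
         # NOTE(review): this also hides database/token-store failures
         # behind a credentials error; logging the exception here would
         # make such outages visible.
         return failure_message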
Esempio n. 2
    def login():
        """Issue an access/refresh token pair for the demo account.

        The submitted ``username`` and ``password`` are compared against the
        hard-coded pair ``'test'`` / ``'test'``; anything else is answered
        with a 401 and a generic message. On success both tokens are
        recorded through ``add_token_to_database`` and returned with
        status 201.

        NOTE(review): the hard-coded credentials make this suitable only as
        a demonstration; a real deployment needs a user store with hashed
        passwords.
        """
        body = request.json
        supplied_user = body.get('username')
        supplied_password = body.get('password')
        if not (supplied_user == 'test' and supplied_password == 'test'):
            return jsonify({"msg": "Bad username or password"}), 401

        # Mint both JWTs for the authenticated identity.
        access_token = create_access_token(identity=supplied_user)
        refresh_token = create_refresh_token(identity=supplied_user)

        # Register each token in the store, initially marked as not revoked.
        identity_claim_access = app.config['JWT_IDENTITY_CLAIM']
        add_token_to_database(access_token, identity_claim_access)
        add_token_to_database(refresh_token, app.config['JWT_IDENTITY_CLAIM'])

        return jsonify({
            'access_token': access_token,
            'refresh_token': refresh_token,
        }), 201
Esempio n. 3
def login():
    """Authenticate a user and issue a 12-hour access token.

    Reads ``username`` and ``password`` from the JSON body, verifies the
    password with ``check_password`` and then requires both the
    ``isAuthenticatedIntegrator`` and ``isAuthenticatedAdmin`` flags before
    a token is created and recorded through ``add_token_to_database``.

    Every outcome is returned as ``jsonify({'success': ..., 'error': ...})``
    with no explicit status code; the success payload additionally carries
    ``access_token`` and ``integrator_token`` (True when ``user_type`` is
    ``'Integrator'``).

    NOTE(review): the separate "Incorrect username" and "Incorrect password"
    errors tell a caller whether a given username exists; a single generic
    message would avoid that. Left unchanged because clients may match on
    these strings.
    """
    payload = request.get_json()
    username = payload['username']
    password = payload['password']

    account = Users.query.filter_by(username=username).first()

    # Guard clauses, in the same order the checks were originally nested.
    if not account:
        return jsonify({'success': False, 'error': "Incorrect username"})

    if not account.check_password(password):
        return jsonify({'success': False, 'error': "Incorrect password"})

    if not account.isAuthenticatedIntegrator:
        return jsonify({
            'success': False,
            'error': "User not authenticated by integrator nor admin"
        })

    if not account.isAuthenticatedAdmin:
        return jsonify({
            'success': False,
            'error': "User not authenticated by admin"
        })

    is_integrator = True if account.user_type == 'Integrator' else False
    lifetime = timedelta(hours=12)
    access_token = create_access_token(identity=username,
                                       expires_delta=lifetime)
    # Record the token so it can later be looked up or revoked.
    add_token_to_database(access_token, app.config['JWT_IDENTITY_CLAIM'])

    return jsonify({
        'success': True,
        'error': "",
        'access_token': access_token,
        'integrator_token': is_integrator
    })
Esempio n. 4
 def refresh():
     """Issue a new access token for the identity in the current JWT.

     The identity is taken from ``get_jwt_identity()``; the freshly created
     access token is recorded through ``add_token_to_database`` before it
     is returned with status 201.
     """
     identity = get_jwt_identity()
     new_access_token = create_access_token(identity=identity)
     # Register the new token in the store, as is done for tokens issued at login.
     add_token_to_database(new_access_token, app.config['JWT_IDENTITY_CLAIM'])
     response_body = {'access_token': new_access_token}
     return jsonify(response_body), 201
Esempio n. 5
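def handle_user_login():
    """Authenticate a user from a JSON body and set the JWT access cookie.

    Expects a JSON object with non-empty ``email`` and ``password`` keys.
    On success an access token is created for the user, recorded through
    ``add_token_to_database`` and attached to the response with
    ``set_access_cookies``.

    Returns:
        A Flask response whose JSON body is ``{"result": <message>}``:
        200 on success, 400 for a missing/malformed body, missing keys,
        empty values or an invalid email, and 401 for bad credentials.

    Changes from the previous version:
        * The submitted email and password are no longer printed; the
          plaintext password must not reach stdout or logs.
        * The "empty credentials" and "invalid email syntax" messages were
          swapped between their branches and are now matched to the check
          that actually failed.
        * An unknown email used to answer with status 404 while the body
          said HTTP_401_UNAUTHORIZED; it now answers 401, identical to a
          wrong password, so the status code does not reveal whether an
          account exists.
        * A JSON body that is not an object is rejected with 400 instead of
          failing on key access.
    """
    headers = {"Content-Type": "application/json"}

    def reject(status_code, message):
        """Build the JSON error response for a rejected login attempt."""
        return make_response(
            json.dumps({"result": message}), status_code, headers)

    login_input = request.json
    if not login_input:
        # no json content in request...
        return reject(
            400,
            "HTTP_400_BAD_REQUEST. no json data in request... what are you trying to register?"
        )

    if (not isinstance(login_input, dict)
            or not {"email", "password"}.issubset(login_input)):
        # user input is missing keys (or is not a JSON object at all)
        return reject(
            400,
            "HTTP_400_BAD_REQUEST. a key is missing or was misspelled...")

    email = login_input["email"]
    password = login_input["password"]
    if not (email and password):
        return reject(400, "HTTP_400_BAD_REQUEST. empty credentials...")

    if not validate_email_syntax(email):
        return reject(400, "HTTP_400_BAD_REQUEST. invalid email syntax...")

    requesting_user = User.query.filter_by(email=email).first()
    # Unknown account and wrong password get the same status and message.
    # NOTE(review): the password check is skipped for unknown accounts, so
    # response timing may still differ between the two cases.
    if not requesting_user or not requesting_user.check_password(password):
        return reject(401, "HTTP_401_UNAUTHORIZED. bad credentials...")

    access_token = create_access_token(requesting_user)
    add_token_to_database(access_token, app.config["JWT_IDENTITY_CLAIM"])
    # Refresh-token issuance was commented out in the original and is
    # still not performed here.
    response_body = {
        "result":
        "HTTP_200_0K. user is verified, JWT cookies set on your browser"
    }
    auth_response = make_response(json.dumps(response_body), 200, headers)
    set_access_cookies(auth_response, access_token)
    return auth_response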