Esempio n. 1
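    def post(self):
        """
        Endpoint for token requests.
        Creates a new access token based on provided credentials.
        :return: JSON with the token, refresh token and expiration time
        :raise api_errors.InvalidAPIUsage: When the body is not a JSON object.
        :raise api_errors.UnauthorizedRequest: When the credentials are rejected.
        """
        data = request.get_json(silent=True)

        # A JSON array or scalar has no .get(); treat it like a missing body
        # instead of letting it surface as a server error.
        if isinstance(data, dict) and data:
            email = data.get('email')
            password = data.get('password')

            # Only non-empty plain strings are acceptable credentials. Any
            # other JSON value would otherwise be forwarded untouched into the
            # user lookup and the password check below.
            if (not isinstance(email, str) or not email
                    or not isinstance(password, str) or not password):
                raise api_errors.UnauthorizedRequest(
                    api_errors.INVALID_CREDENTIALS_MSG)

            try:
                user = User.objects.get(email=email, active=True)
            except errors.DoesNotExist:
                # Same message as for a wrong password, so the response body
                # does not reveal whether the email is registered.
                raise api_errors.UnauthorizedRequest(
                    api_errors.INVALID_CREDENTIALS_MSG)

            # NOTE(review): response timing still differs between an unknown
            # email (no password hash computed) and a wrong password; consider
            # equalising the two paths if that matters for this deployment.
            if not user.verify_password(password):
                raise api_errors.UnauthorizedRequest(
                    api_errors.INVALID_CREDENTIALS_MSG)

            tokens_dict = current_app.token_handler.generate_tokens_dict(
                user.pk)

            return tokens_dict, 200

        raise api_errors.InvalidAPIUsage(api_errors.INVALID_JSON_BODY_MSG)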
Esempio n. 2
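def parse_auth_header():
    """
    Parses the Authorization Header (if any) for the current request.
    The expected form is ``Authorization: Token <access token>``.
    :return: The access token from the header.
    :raise api_errors.UnauthorizedRequest: When the header is missing/invalid.
    """
    auth_header = request.headers.environ.get('HTTP_AUTHORIZATION')

    if not auth_header:
        raise api_errors.UnauthorizedRequest(
            api_errors.MISSING_AUTH_HEADER_MSG)

    # Split once and require exactly "<scheme> <token>" with the scheme
    # being "Token". The previous substring test (`'Token' in header`)
    # also accepted any other scheme whose credential happened to contain
    # the word "Token", and a header of the form "<token> Token".
    parts = auth_header.split()
    if len(parts) != 2 or parts[0] != 'Token':
        raise api_errors.UnauthorizedRequest(
            api_errors.INVALID_AUTH_HEADER_MSG)

    return parts[1]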
Esempio n. 3
    def wrapper(*args, **kwargs):
        """
        Run ``view_func`` only for an authenticated request.

        A failure recorded earlier in the request (as ``auth_error`` on the
        Flask ``g`` object) is re-raised as-is; otherwise the request is
        rejected unless a user is loaded.
        :raise api_errors.UnauthorizedRequest: When no user is loaded.
        """
        # An error stashed by the token loading step takes precedence over
        # the generic "invalid token" response.
        if 'auth_error' in flask_g:
            pending_error = flask_g.auth_error
            raise pending_error

        # NOTE(review): this relies on `current_user` being falsy when nobody
        # is loaded (e.g. it resolves to None). If it is a flask_login-style
        # proxy, the anonymous user object is truthy -- confirm against the
        # user loader.
        if current_user:
            return view_func(*args, **kwargs)

        raise api_errors.UnauthorizedRequest(
            api_errors.INVALID_AUTH_TOKEN_MSG)
Esempio n. 4
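    def post(self):
        """
        Endpoint for token refreshing.
        Takes a refresh token from a JSON body and issues a new
        access token.
        :return: A new token with a new expiration time.
        :raise api_errors.InvalidAPIUsage: When the body is not a JSON object.
        :raise api_errors.UnauthorizedRequest: When the refresh token is rejected.
        """
        data = request.get_json(silent=True)

        # A JSON array or scalar has no .get(); treat it like a missing body
        # instead of letting it surface as a server error.
        if isinstance(data, dict) and data:
            refresh = data.get('refresh_token')

            # Reject anything that is not a non-empty string up front rather
            # than handing an arbitrary JSON value to the token handler.
            if not isinstance(refresh, str) or not refresh:
                raise api_errors.UnauthorizedRequest(
                    api_errors.INVALID_REFRESH_TOKEN_MSG)

            expire = current_app.token_handler.expires_in
            new_token = current_app.token_handler.refresh_token(refresh)

            if not new_token:
                raise api_errors.UnauthorizedRequest(
                    api_errors.INVALID_REFRESH_TOKEN_MSG)

            return dict(token=new_token, expires_in=expire), 200

        raise api_errors.InvalidAPIUsage(api_errors.INVALID_JSON_BODY_MSG)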
Esempio n. 5
    def post(self):
        """
        Social authorization endpoint.

        Expects a JSON body with ``provider``, ``token`` and ``user_id``,
        validates the token with the named provider, creates the local user
        from the provider's profile data when needed and issues tokens.
        :return: The token dictionary and HTTP status 200.
        :raise errors.InvalidAPIUsage: When the body or a required field is
            missing, or the provider is unknown.
        :raise errors.UnauthorizedRequest: When the provider rejects the token.
        :raise errors.BasicAPIException: When the provider returns no profile.
        """
        payload = request.get_json(silent=True)
        if not payload:
            raise errors.InvalidAPIUsage(errors.INVALID_JSON_BODY_MSG)

        provider = oauth_handler.get_provider(payload.get('provider'))
        if not provider:
            raise errors.InvalidAPIUsage(errors.PROVIDER_INVALID_MSG)

        provider_token = payload.get('token')
        provider_user_id = payload.get('user_id')
        if not provider_token:
            raise errors.InvalidAPIUsage(errors.MISSING_PROVIDER_TOKEN_MSG)
        if not provider_user_id:
            raise errors.InvalidAPIUsage(errors.MISSING_PROVIDER_USER_ID_MSG)

        # The provider's own reason is deliberately not echoed to the client;
        # only the generic message goes out.
        if provider.validate_token(provider_token, provider_user_id):
            raise errors.UnauthorizedRequest(errors.PROVIDER_INVALID_TOKEN_MSG)

        profile = provider.get_user_data(provider_token)
        if not profile:
            raise errors.BasicAPIException(errors.PROVIDER_INVALID_RESP_MSG)

        # NOTE(review): every key the provider adapter returns is passed
        # straight into User.get_or_create; confirm the adapters only return
        # the fields a user is allowed to set.
        account, _created = User.get_or_create(**profile)
        account.save()

        issued = current_app.token_handler.generate_tokens_dict(account.id)

        return dict(issued), 200