def _load_user(identity):
    """Resolve *identity* to a user object and attach it to the request context.

    Nothing happens when ``has_user_loader()`` is false. Otherwise the result
    of ``user_loader(identity)`` is stored on ``ctx_stack.top.jwt_user``.

    Raises:
        UserLoadError: ``user_loader`` returned ``None`` for this identity,
            i.e. the token names a user that can no longer be resolved.
    """
    if not has_user_loader():
        return

    loaded = user_loader(identity)
    if loaded is None:
        # Fail closed: a valid token for an unknown user must not leave a
        # stale or missing jwt_user on the context.
        raise UserLoadError("user_loader returned None for {}".format(identity))

    ctx_stack.top.jwt_user = loaded
def verify_jwt_token(encoded_token, token_type):
    """Validate an encoded JWT and confirm its identity maps to a user.

    The token is decoded with ``decode_token`` and then checked, in order,
    for the expected token type, against the blacklist, and for its claims.
    If a user loader is available, the identity claim must resolve to a user.
    The loaded user is only checked for existence here; it is neither stored
    nor returned.

    Args:
        encoded_token: The encoded JWT string, or ``None`` when absent.
        token_type: Type the token must have; passed to ``verify_token_type``
            as ``expected_type`` and to ``verify_token_not_blacklisted``.

    Raises:
        NoAuthorizationError: ``encoded_token`` is ``None``.
        UserLoadError: the user loader returned ``None`` for the identity.
        Any exception raised by ``decode_token`` or the ``jwt_utils.verify_*``
        helpers propagates unchanged.
    """
    # NOTE(review): the error text below suggests callers read the token from
    # an "access_token" query parameter. Tokens carried in URLs tend to land in
    # access logs and browser history - confirm against the caller.
    from flask_jwt_extended.exceptions import NoAuthorizationError, UserLoadError
    from flask_jwt_extended import utils as jwt_utils
    from flask_jwt_extended.config import config as jwt_config

    if encoded_token is None:
        raise NoAuthorizationError('Missing "access_token" query parameter')

    claims = decode_token(encoded_token)

    # Type first, then revocation, then claims.
    jwt_utils.verify_token_type(claims, expected_type=token_type)
    jwt_utils.verify_token_not_blacklisted(claims, token_type)
    jwt_utils.verify_token_claims(claims)

    identity = claims[jwt_config.identity_claim_key]
    if not jwt_utils.has_user_loader():
        return

    if jwt_utils.user_loader(identity) is None:
        raise UserLoadError(
            "user_loader returned None for {}".format(identity))
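def is_accessible(self):
    """Decide whether the current request may use the admin UI.

    The JWT is read from the ``jwt`` query parameter, or failing that from
    the first key/value pair of the query string held in the ``url``
    parameter. It must be an access token that is not blacklisted. The decoded
    token (and the loaded user, when a user loader is available) are placed on
    ``ctx_stack.top`` so that ``get_jwt_identity()`` works. Access is granted
    only when the identity is truthy and the matching ``UserModel`` row has a
    truthy ``admin`` attribute.

    Returns:
        bool: ``True`` when access is allowed. Any failure (missing or invalid
        token, wrong token type, revoked token, unknown user, no single
        matching row) is logged at CRITICAL level and yields ``False``.
    """
    try:
        # NOTE(security): the token travels in the URL, so it can end up in
        # access logs, browser history and Referer headers. Keep these tokens
        # short-lived and make sure request URLs are not logged verbatim.
        token = request.args.get("jwt")
        if not token:
            # NOTE(review): takes the value of the first pair in "url"
            # whatever its key is - confirm that is the intended parameter.
            token = urllib.parse.parse_qsl(request.args.get("url"))[0][1]

        decoded_token = decode_token(token)

        # The blacklist check below is told the request type but does not
        # compare it with the token itself, so without this guard a refresh
        # token would be accepted for admin access.
        if decoded_token.get("type") != "access":
            raise ValueError("admin UI requires an access token")

        verify_token_not_blacklisted(decoded_token, request_type="access")
        ctx_stack.top.jwt = decoded_token

        if has_user_loader():
            identity = ctx_stack.top.jwt["identity"]
            user = user_loader(identity)
            if user is None:
                # Report the identity that failed to load; `user` is always
                # None on this path and would make the log entry useless.
                raise UserLoadError(
                    "user_loader returned None for {}".format(identity))
            ctx_stack.top.jwt_user = user

        current_user = get_jwt_identity()
        is_admin = UserModel.query.filter_by(
            username=current_user).one().admin
        # Return a strict boolean instead of leaking the identity or the raw
        # column value to the caller.
        return bool(current_user and is_admin)
    except Exception as e:
        # Fail closed: any error during verification denies access.
        current_app.logger.critical("FAULTY ADMIN UI ACCESS: %s", str(e))
        return False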