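def refresh(data):
    """Exchange a refresh token for a new access token.

    Reads ``data["refresh_token"]``, decodes it, and accepts it only when its
    ``type`` claim is the string ``"refresh"``, so an access token cannot be
    replayed here to mint further access tokens.

    Returns ``success_response(access_token=...)`` on success. Every failure
    (missing key, undecodable token, wrong token type, or an exception from
    the user lookup) yields the same ``error_response("The token was
    invalid")``, so the caller learns nothing about which check failed.
    """
    try:
        token = decode_token(data["refresh_token"])
        # Compare against the literal claim value. The bare name `refresh`
        # resolves to this function object, which never equals a string, so
        # the original check rejected every token.
        if token["type"] != "refresh":
            return error_response("The token was invalid")
        # NOTE(review): the return value is discarded, so this only blocks a
        # removed account if check_user_exists raises for an unknown user.
        # Confirm against its definition.
        check_user_exists(token["identity"])
        access_token = create_access_token(identity=token["identity"])
        return success_response(access_token=access_token)
    except Exception:
        # Deliberately broad: any failure is reported as an invalid token.
        return error_response("The token was invalid")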
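def post(self):
    """
    Change the authenticated user's password and issue a fresh token pair.

    :param str old_password: required.
    :param str new_password: required.

    - JWT required.
    - Header: `\"Authorization\": \"Bearer {access_token}\"`

    Returns ``({'access_token': ..., 'refresh_token': ...}, 201)`` on success
    and ``({'Error': ...}, 500)`` when the database update fails.
    """
    # Function-scope import: the file's import block is not visible here.
    import logging

    current_user = get_jwt_identity()
    username = current_user['username']
    args = parser_change_password.parse_args()
    old_password = args['old_password']
    new_password = args['new_password']

    result = check_user_exists(username)
    stored_password = result.password
    # NOTE(review): the return value is discarded, so the old-password check
    # is enforced only if verify_password aborts or raises on a mismatch.
    # Confirm against its definition.
    verify_password(old_password, stored_password)

    try:
        # NOTE(review): presumably `sha256` is a salted password-hashing
        # scheme (e.g. passlib's pbkdf2_sha256) rather than a bare digest.
        # Confirm at the import.
        result.password = sha256.hash(new_password)
        db.session.commit()
        identity = {'username': result.username, 'role': result.role}
        access_token = create_access_token(identity=identity)
        refresh_token = create_refresh_token(identity=identity)
        # NOTE(review): nothing in this block revokes tokens issued before
        # the password change.
        return {
            'access_token': access_token,
            "refresh_token": refresh_token
        }, 201
    except SQLAlchemyError:
        # Leave the session usable for the next request.
        db.session.rollback()
        # Keep driver/SQL detail in the server log. The original returned
        # str(e.__dict__['orig']) to the client, which exposes database
        # internals and raises KeyError for errors that carry no `orig`.
        logging.getLogger(__name__).exception("Password update failed")
        return {"Error": "Could not update password"}, 500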
def check_user(current_user, password):
    """Verify *password* against the stored credential for *current_user*.

    Aborts the request with the status returned by ``check_user_exists`` when
    that status is not 200, and with 401 when ``verify_password`` reports a
    mismatch. Returns ``True`` otherwise.
    """
    # On success the second element is used as the stored password.
    status, payload = check_user_exists(current_user)
    if status != 200:
        # NOTE(review): if this status/message differs from the 401 below, a
        # client can tell unknown users from wrong passwords. Confirm what
        # check_user_exists returns.
        abort(status, message=payload)

    matched, reason = verify_password(password, payload)
    if not matched:
        abort(401, message=reason)
    return True
def post(self):
    """
    Issue a new access token for the identity carried by the request's JWT.

    - JWT refresh token required.
    - Header: `\"Authorization\": \"Bearer {refresh_token}\"`

    Returns ``({'access_token': ...}, 201)``; aborts with the status from
    ``check_user_exists`` when that status is not 200.
    """
    # NOTE(review): the decorator that restricts this endpoint to refresh
    # tokens is not visible in this block.
    identity = get_jwt_identity()

    status, detail = check_user_exists(identity['username'])
    if status != 200:
        abort(status, message=detail)

    # The identity (whatever claims it holds) is copied from the presented
    # token as-is; nothing is re-read from the user record, so changes made
    # after the refresh token was issued are not reflected.
    return {'access_token': create_access_token(identity=identity)}, 201
def login(data):
    """Authenticate a user and return an access/refresh token pair.

    Reads ``data["username"]`` and ``data["password"]``. A missing key raises
    ``KeyError`` here; NOTE(review): confirm the caller validates the payload.

    Returns ``error_response(...)`` when the user lookup does not report 200
    or the password does not verify; otherwise ``success_response`` with the
    username and both tokens.
    """
    username, password = data["username"], data["password"]

    # TODO (carried over from the original; its intent is not stated)
    status, lookup = check_user_exists(username)
    if status != 200:
        # NOTE(review): if this message differs from the wrong-password
        # message below, responses reveal which usernames exist.
        return error_response(lookup)

    # On success the lookup result is used as the stored password hash.
    verified, reason = verify_password(password, lookup)
    if not verified:
        return error_response(reason)

    # The role is fixed to "user" here and is not read from the user record.
    claims = {"username": username, "role": "user"}
    return success_response(
        username=username,
        access_token=create_access_token(identity=claims),
        refresh_token=create_refresh_token(identity=claims),
    )