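    def post(self):
        """Refresh an existing token.

        Reads ``refresh_token`` from the JSON body, decodes it with
        ``User.decode_token`` and, when the resulting id maps to an existing
        user, issues a fresh access/refresh token pair.

        Returns:
            ``(dict, 200)`` holding ``access_token`` and ``refresh_token``.
            Every failure path aborts with 401 through ``auth_namespace``.
        """
        post_data = request.get_json() or {}
        refresh_token = post_data.get("refresh_token")
        # Reject an absent/empty token before it reaches decode_token: the
        # failure mode for None there is not necessarily a jwt error, so it
        # could surface as a 500 instead of a clean 401.
        if not refresh_token:
            auth_namespace.abort(401, "Invalid token")

        try:
            user_id = User.decode_token(refresh_token)
            user = get_user_by_id(user_id)
            if not user:
                auth_namespace.abort(401, "Invalid token")

            # NOTE(review): decode_token yields only a user id, so an access
            # token presented here would be refreshed as well unless
            # decode_token itself checks the token type -- confirm.
            # encode_token is assumed to return bytes (the .decode() relies on it).
            access_token = user.encode_token(user.id, "access")
            new_refresh_token = user.encode_token(user.id, "refresh")

            response_object = {
                "access_token": access_token.decode(),
                "refresh_token": new_refresh_token.decode(),
            }
            return response_object, 200
        except jwt.ExpiredSignatureError:
            # abort() raises an HTTPException, so no return is needed after it;
            # the trailing `return` that used to follow was unreachable.
            # This clause must precede InvalidTokenError (its base class).
            auth_namespace.abort(401,
                                 "Signature expired. Please log in again.")
        except jwt.InvalidTokenError:
            auth_namespace.abort(401, "Invalid token. Please log in again.")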
    def get(self):
        """Return the user identified by the ``Authorization`` header.

        The header is read as ``<scheme> <token>``: the second
        whitespace-separated field is decoded with ``User.decode_token`` and
        the id looked up with ``get_user_by_id``. Aborts with 403 when the
        header is absent and with 401 when the token is expired, malformed
        or not tied to an existing user.
        """
        raw_header = request.headers.get("Authorization") or ""
        if not raw_header:
            namespace.abort(403, "Access token required")
        else:
            try:
                # Second field of "<scheme> <token>"; a header with no space
                # raises IndexError, which is handled below as a bad token.
                # NOTE(review): the scheme itself is not validated -- confirm.
                bearer_token = raw_header.split(" ")[1]
                current_user = get_user_by_id(User.decode_token(bearer_token))
                if not current_user:
                    namespace.abort(401, "Invalid token")

                return current_user, 200
            except jwt.ExpiredSignatureError:
                # Must stay ahead of InvalidTokenError, its base class.
                namespace.abort(401, "Token expired")
            except (jwt.InvalidTokenError, IndexError):
                namespace.abort(401, "Invalid token")
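 def get(self):
     """Return the user identified by the ``Authorization`` header.

     Expects ``<scheme> <token>``; the token is decoded with
     ``User.decode_token`` and the user looked up with ``get_user_by_id``.
     Aborts with 403 when the header is missing and with 401 when the token
     is expired, invalid, malformed or not tied to an existing user.
     """
     auth_header = request.headers.get("Authorization")
     if auth_header:
         try:
             # Second field of "<scheme> <token>". A header without a space
             # raises IndexError; treat it like any other invalid token
             # instead of letting it escape as a 500.
             # NOTE(review): the scheme is not validated -- confirm intent.
             access_token = auth_header.split(" ")[1]
             user = get_user_by_id(User.decode_token(access_token))
             if not user:
                 auth_namespace.abort(401, "Invalid token")
             return user, 200
         except jwt.ExpiredSignatureError:
             # abort() raises an HTTPException, so the `return` that used to
             # follow it never ran. Keep this clause before InvalidTokenError
             # (its base class).
             auth_namespace.abort(
                 401, "Signature expired. Please log in again.")
         except (jwt.InvalidTokenError, IndexError):
             auth_namespace.abort(401,
                                  "Invalid token. Please log in again.")
     else:
         auth_namespace.abort(403, "Token required")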
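    def decorator(*args, **kwargs):
        """Run the wrapped view ``f`` only when the request carries a token
        that resolves to an existing user.

        The raw ``Authorization`` header value is handed to
        ``User.decode_token`` and the resulting id looked up with
        ``get_user_by_id``. Every failure aborts with 404 via
        ``users_namespace``.
        """
        token = request.headers.get("Authorization")
        if not token:
            # `resp` used to be bound only inside the header branch, so a
            # request without the header died with UnboundLocalError (500)
            # instead of this 404.
            users_namespace.abort(404, "a valid token is missing")

        # NOTE(review): the header is decoded as-is, without stripping a
        # "Bearer " scheme prefix -- confirm this matches what clients send.
        resp = None
        user = None
        try:
            # decode_token was previously outside the try, so a bad token
            # escaped as an uncaught jwt error.
            resp = User.decode_token(token)
            user = get_user_by_id(resp)
        except Exception:
            users_namespace.abort(404, "a valid token is missing")

        # These checks live outside the try on purpose: the abort() inside it
        # raised an HTTPException that `except Exception` swallowed and
        # re-labelled as "a valid token is missing".
        if not resp:
            users_namespace.abort(404, "a valid token is missing")
        if not user:
            # NOTE(review): 404 masks an authentication failure; 401 is the
            # conventional status for a token that does not resolve.
            users_namespace.abort(404, "User does not exist")

        return f(*args, **kwargs)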
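    def post(self):
        """Creates new Access and Refresh tokens.

        Reads ``refresh_token`` from the JSON body, decodes it with
        ``User.decode_token`` and, when the id maps to an existing user,
        returns a freshly issued access/refresh pair.

        Returns:
            ``({"access_token": ..., "refresh_token": ...}, 200)``; every
            failure aborts with 401 through ``namespace``.
        """
        payload = request.get_json() or {}
        refresh_token = payload.get("refresh_token")
        if not refresh_token:
            # Reject an absent token up front instead of handing None to
            # decode_token, whose failure for that need not be a jwt error.
            namespace.abort(401, "Invalid token")

        try:
            user_id = User.decode_token(refresh_token)

            user = get_user_by_id(user_id)
            if not user:
                namespace.abort(401, "Invalid token")

            # NOTE(review): nothing here distinguishes a refresh token from an
            # access token; unless decode_token checks the token type, an
            # access token could be exchanged for a new pair -- confirm.
            access_token = User.encode_token(user.id, "access").decode()
            new_refresh_token = User.encode_token(user.id, "refresh").decode()

            return {
                "access_token": access_token,
                "refresh_token": new_refresh_token
            }, 200
        except jwt.ExpiredSignatureError:
            # `jwt.ExpiredSignature` was a PyJWT 1.x alias removed in 2.0;
            # referencing it raised AttributeError while matching the
            # exception. ExpiredSignatureError is the canonical name and must
            # precede InvalidTokenError, its base class.
            namespace.abort(401, "Token expired")
        except jwt.InvalidTokenError:
            namespace.abort(401, "Invalid token")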
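def refresh():
    """Exchange a refresh token for a new access/refresh token pair.

    Returns:
        ``(dict, 200)`` with ``access_token`` and ``refresh_token`` on
        success; ``({"message": "Invalid token"}, 401)`` when the body
        carries no token or the id does not map to a user. Expired or
        invalid tokens abort with 401 through ``auth_namespace``.
    """
    post_data = request.get_json() or {}
    refresh_token = post_data.get("refresh_token")
    response_object = {}
    # `post_data["refresh_token"]` turned a missing key into a 500; report it
    # with the same 401 payload the unknown-user branch uses.
    if not refresh_token:
        response_object["message"] = "Invalid token"
        return response_object, 401
    try:
        resp = User.decode_token(refresh_token)
        user = get_user_by_id(resp)
        if not user:
            response_object["message"] = "Invalid token"
            return response_object, 401
        # NOTE(review): decode_token yields only a user id, so an access token
        # presented here would be refreshed too unless decode_token checks the
        # token type -- confirm.
        # encode_token is assumed to return bytes (the .decode() relies on it).
        access_token = user.encode_token(user.id, "access")
        new_refresh_token = user.encode_token(user.id, "refresh")

        response_object = {
            "access_token": access_token.decode(),
            "refresh_token": new_refresh_token.decode(),
        }
        return response_object, 200
    except jwt.ExpiredSignatureError:
        # abort() raises an HTTPException, so the `return` that used to follow
        # it never ran. Keep this clause before InvalidTokenError (its base).
        auth_namespace.abort(401, "Signature expired. Please log in again.")
    except jwt.InvalidTokenError:
        auth_namespace.abort(401, "Invalid token. Please log in again.")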
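def get_status():
    """Return the username and e-mail of the user behind the bearer token.

    Reads ``Authorization: <scheme> <token>``; the second field is decoded
    with ``User.decode_token`` and the user looked up with
    ``get_user_by_id``.

    Returns:
        ``({"username": ..., "email": ...}, 200)`` on success, or
        ``({"message": ...}, 401)`` for an expired, invalid or malformed
        token or an unknown user. A missing header aborts with 403 through
        ``auth_namespace``.
    """
    auth_header = request.headers.get("Authorization")
    response_object = {}
    if auth_header:
        try:
            # Second field of "<scheme> <token>". A header without a space
            # raises IndexError, handled below as an invalid token rather
            # than escaping as a 500.
            # NOTE(review): the scheme is not validated -- confirm intent.
            access_token = auth_header.split(" ")[1]
            resp = User.decode_token(access_token)
            user = get_user_by_id(resp)
            if not user:
                response_object['message'] = "Invalid token"
                return response_object, 401
            response_object['username'] = user.username
            response_object['email'] = user.email
            return response_object, 200
        except jwt.ExpiredSignatureError:
            # Must precede InvalidTokenError, its base class.
            response_object["message"] = "Signature expired. Please log in again."
            return response_object, 401
        except (jwt.InvalidTokenError, IndexError):
            response_object["message"] = "Invalid token. Please log in again."
            return response_object, 401
    else:
        # abort() raises an HTTPException; the message/return lines that used
        # to follow it were dead code.
        auth_namespace.abort(403, "Token required")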
def test_decode_token(test_app, test_database, add_user):
    """A refresh token round-trips through ``User.decode_token`` to the
    owner's id.

    ``test_app`` and ``test_database`` are pytest fixtures (presumably app
    and database setup); ``add_user`` persists and returns a user.
    NOTE(review): asserting ``bytes`` assumes a PyJWT 1.x-style encoder
    (2.x returns ``str``) -- confirm which version the project pins.
    """
    created = add_user("justatest", "*****@*****.**", "test")
    refresh = created.encode_token(created.id, "refresh")
    assert isinstance(refresh, bytes)
    decoded_id = User.decode_token(refresh)
    assert decoded_id == created.id
def test_decode_token(test_app, test_database, add_user):
    """An access token round-trips through ``User.decode_token`` to the
    owner's id.

    ``test_app`` and ``test_database`` are pytest fixtures (presumably app
    and database setup); ``add_user`` persists and returns a user.
    NOTE(review): asserting ``bytes`` assumes a PyJWT 1.x-style encoder
    (2.x returns ``str``) -- confirm which version the project pins.
    """
    created = add_user("foo", "*****@*****.**", "foobar")
    access = created.encode_token(created.id, "access")
    assert isinstance(access, bytes)
    decoded_id = User.decode_token(access)
    assert decoded_id == created.id
def test_decode_refresh_token(test_app, test_database, add_user):
    """A refresh token minted via the class-level ``User.encode_token``
    decodes back to the owner's id.

    ``test_app`` and ``test_database`` are pytest fixtures (presumably app
    and database setup); ``add_user`` persists and returns a user.
    NOTE(review): asserting ``bytes`` assumes a PyJWT 1.x-style encoder
    (2.x returns ``str``) -- confirm which version the project pins.
    """
    created = add_user("aaa", "*****@*****.**", "xyz")
    refresh = User.encode_token(created.id, "refresh")
    assert isinstance(refresh, bytes)
    decoded_id = User.decode_token(refresh)
    assert decoded_id == created.id