def decode(creator, decoders, json_data):
'''Run decoders on json and result pass to creator function
json: (args -> value) -> List Decoder -> Json -> Result err value
'''
values = [decoder(getter(json_data)) for decoder in decoders] # pylint: disable=no-value-for-parameter
return rmap(creator, fold(values))
def decode(creator, decoders, tree):
'''Run decoders on xml and result pass to creator function
xml: (args -> value) -> List Decoder -> ElementTree -> Result value err
'''
values = [decoder(getter(tree)) for decoder in decoders] # pylint: disable=no-value-for-parameter
return rmap(creator, fold(values))
def create_verify_user(get_user,
header_key='X-Auth-Token',
on_error=unauthorized):
'''Create user verify decorator.
:param get_user: function that returns user object based on data from the token
:param header_key: token header field name
:param on_error: function called when pipeline result is error
:returns: user verify decorator
'''
pipeline = (
header_key,
lambda key: request.headers.get(key, ''),
lambda token: verify_token(token, app.config['SECRET_KEY']),
rmap(get_user), # pylint: disable=no-value-for-parameter
and_then(from_maybe('User not found.')), # pylint: disable=no-value-for-parameter
rmap(save_user), # pylint: disable=no-value-for-parameter
)
return partial(verify, pipeline=pipeline, on_error=on_error)
def verify(token, key):
''' Check the supplied token and it's expiration.
:param token: A token to verify
:param key: decryption key
:returns: result with data
**Examples**
returns data if token is valid
>>> from flask_chip.tokens import generate, verify
>>> key = "y):'QGE8M-b+MEKl@k4e<;*9.BqL=@~B"
>>> data = {'foo': 1234}
>>> token = generate(data, key=key)
>>> verify(token, key=key)
Result(status='Ok', value={'foo': 1234})
returns expiration error when token expire
>>> from time import sleep
>>> key = "y):'QGE8M-b+MEKl@k4e<;*9.BqL=@~B"
>>> data = {'foo': 1234}
>>> token = generate(data, key=key, exp=0)
>>> sleep(1) # wait for token expiration
>>> verify(token, key=key)
Result(status='Error', value='Token expired.')
returns time travele error
>>> from time import time
>>> iat = time() + 3600
>>> key = "y):'QGE8M-b+MEKl@k4e<;*9.BqL=@~B"
>>> data = {'foo': 1234}
>>> token = generate(data, key=key, iat=iat)
>>> verify(token, key=key)
Result(status='Error', value='Token traveled through time.')
returns error if token is invalid
>>> key = "y):'QGE8M-b+MEKl@k4e<;*9.BqL=@~B"
>>> data = {"foo": 1234}
>>> token = generate(data, key=key)
>>> key2 = "12345678901234567890123456789012"
>>> verify(token, key=key2)
Result(status='Error', value='invalid JWT')
'''
serializer = Serializer(key)
try:
return pipe(
token,
serializer.loads,
ok,
and_then(_expired), # pylint: disable=no-value-for-parameter
and_then(_time_traveled), # pylint: disable=no-value-for-parameter
rmap(lambda d: d['data']) # pylint: disable=no-value-for-parameter
)
except (SignatureExpired, BadSignature, TypeError):
return error('invalid JWT')
def dmap(func, decoder, val):
'''Run `decoder` with `val` and then map `func` to result
dmap: (a -> value) -> (val -> Result a) -> val -> Result value
'''
return rmap(func, decoder(val))