def post(self):
args = self.reqparse()
user = UserModel.by(email=args.email)
if check_password_hash(user.password, args.password):
jwt_payload = {
'exp':
datetime.datetime.utcnow() +
datetime.timedelta(days=30, seconds=5),
'iat':
datetime.datetime.utcnow(),
'sub':
user.id
}
try:
token = jwt.encode(jwt_payload,
app.config.get('SECRET_KEY'),
algorithm='HS256')
user.token = token.decode()
err = user.update()
if err != None:
raise err
resp = rp(success=True, payload=user.serialize()), 201
except Exception as e:
resp = rp(message=str(e)), 500
else:
resp = rp(message='The passsword is incorrect'), 404
return resp
def jwt_required():
authorization = request.headers.get('Authorization', '')[7:]
path = request.path
exclude = [
'/v1/auth/login',
'/v1/auth/register',
'/',
'',
]
if path not in exclude:
try:
payload = jwt.decode(authorization, app.config.get('SECRET_KEY'))
UserModel.by(id=payload['sub'])
except jwt.ExpiredSignatureError:
return rp(message='Signature expired. Please log in again.')
except jwt.InvalidTokenError:
return rp(message='Invalid token. Please log in again.')
except Exception as e:
return rp(message=str(e))
return None
def current_identity():
authorization = request.headers.get('Authorization', '')[7:]
payload = jwt.decode(authorization, app.config.get('SECRET_KEY'))
return UserModel.by(id=payload['sub'])
