def is_current_password(user_obj, password):
correct = False
try:
correct = pwd_context.verify(password, user_obj.password)
except Exception:
print("Exception in is_current_password()")
return correct
def route_login_access_token(username, password):
user = db_session.query(User).filter(User.email == username).first()
if not user or not pwd_context.verify(password, user.password):
abort(400, "Incorrect email or password")
elif not user.is_active:
abort(400, "Inactive user")
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(identity=user.id,
expires_delta=access_token_expires),
"token_type":
"bearer",
}
def route_login_access_token(username, password):
user = db_session.query(User).filter(User.email == username).first()
if not user or not pwd_context.verify(password, user.password):
abort(400, 'Incorrect email or password')
elif not user.is_active:
abort(400, 'Inactive user')
access_token_expires = timedelta(
minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
refresh_token_expires = timedelta(days=config.REFRESH_TOKEN_EXPIRE_DAYS)
return {
'access_token':
create_access_token(identity=user.id,
expires_delta=access_token_expires),
'refresh_token':
create_refresh_token(identity=user.id,
expires_delta=refresh_token_expires),
'token_type':
'bearer',
}