def _get_tokens(self):
    """Issue access and refresh tokens for the admin and student fixtures.

    Every token is stored on the test case already wrapped as a ``JWT <token>``
    header value. ``'TEST'`` is passed in the second argument slot of the
    token factories. Tokens are created inside an application context.
    """
    header_template = 'JWT {}'
    agent = 'TEST'

    with self.app.app_context():
        # Creation order is kept as admin access, admin refresh,
        # student access, student refresh.
        admin_access = AccessTokenModelV2.create_access_token(self.admin, agent)
        self.admin_access_token = header_template.format(admin_access)

        admin_refresh = RefreshTokenModelV2.create_refresh_token(self.admin, agent)
        self.admin_refresh_token = header_template.format(admin_refresh)

        student_access = AccessTokenModelV2.create_access_token(self.student, agent)
        self.student_access_token = header_template.format(student_access)

        student_refresh = RefreshTokenModelV2.create_refresh_token(self.student, agent)
        self.student_refresh_token = header_template.format(student_refresh)
def post(self):
    """
    Admin login.

    Reads ``id`` and ``pw`` from the form body, derives the stored password
    representation and looks the admin up by both values. Responds 401 when
    no admin matches (the same answer for an unknown id and a wrong password),
    otherwise returns a fresh access/refresh token pair with status 200.
    """
    admin_id = request.form['id']
    raw_password = request.form['pw']

    # PBKDF2-HMAC-SHA256, 100000 iterations, hex-encoded.
    # NOTE(review): the salt is the application secret key, so every account
    # shares one salt and equal passwords yield equal stored values; a
    # per-account random salt would avoid that - confirm before changing,
    # since it alters the stored format.
    derived_key = pbkdf2_hmac(
        hash_name='sha256',
        password=raw_password.encode(),
        salt=current_app.secret_key.encode(),
        iterations=100000,
    )
    hashed_password = hexlify(derived_key).decode('utf-8')

    admin = AdminModel.objects(id=admin_id, pw=hashed_password).first()
    if not admin:
        abort(401)

    # --- Auth success
    # A missing or empty User-Agent falls back to the desktop client label.
    user_agent = request.headers.get('USER-AGENT', 'Windows Application') or 'Windows Application'

    tokens = {
        'access_token': AccessTokenModelV2.create_access_token(admin, user_agent),
        'refresh_token': RefreshTokenModelV2.create_refresh_token(admin, user_agent),
    }
    return self.unicode_safe_json_response(tokens, 200)
def post(self):
    """
    Student login.

    Reads ``id`` and ``pw`` from the form body, derives the stored password
    representation and looks the student up by both values. Responds 401 when
    no student matches, otherwise returns a fresh access/refresh token pair
    with status 200. The User-Agent header is passed to the token factories.
    """
    student_id = request.form['id']
    raw_password = request.form['pw']

    # PBKDF2-HMAC-SHA256, 100000 iterations, hex-encoded.
    # NOTE(review): the salt is the application secret key, shared by every
    # account, so equal passwords yield equal stored values - a per-account
    # random salt would avoid that; confirm before changing the stored format.
    derived_key = pbkdf2_hmac(
        hash_name='sha256',
        password=raw_password.encode(),
        salt=current_app.secret_key.encode(),
        iterations=100000,
    )
    hashed_password = hexlify(derived_key).decode('utf-8')

    student = StudentModel.objects(id=student_id, pw=hashed_password).first()
    if not student:
        abort(401)

    # --- Auth success
    # Indexing (not .get) is deliberate: a request without the header fails
    # here, before any token is created.
    user_agent = request.headers['USER-AGENT']

    tokens = {
        'access_token': AccessTokenModelV2.create_access_token(student, user_agent),
        'refresh_token': RefreshTokenModelV2.create_refresh_token(student, user_agent),
    }
    return self.unicode_safe_json_response(tokens, 200)
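def wrapper(*args, **kwargs):
    """Authorize the request from its JWT identity, then call the wrapped view.

    The JWT identity is parsed as a UUID and looked up among the stored access
    tokens. When a token is found, its owner is published as ``g.user`` and the
    wrapped function ``fn`` is called with the original arguments.

    Aborts with 422 when the identity is not a well-formed UUID and with 403
    when no stored access token carries that identity.
    """
    # A malformed identity used to escape as an unhandled ValueError (a 500);
    # only the parse is guarded so errors raised by the view are not masked.
    try:
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    token = AccessTokenModelV2.objects(identity=identity).first()
    if not token:
        # The JWT itself may verify, but a token that is no longer stored
        # server-side must not grant access.
        abort(403)

    g.user = token.key.owner
    return fn(*args, **kwargs)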
def get(self):
    """
    Check whether the caller is logged in.

    Responds with an empty body: 200 when a stored access token matches the
    JWT identity, 204 when none does. Aborts with 422 when a ValueError is
    raised, e.g. because the identity is not a well-formed UUID.
    """
    try:
        identity = UUID(get_jwt_identity())
        matching_tokens = AccessTokenModelV2.objects(identity=identity)

        # The query result is tested for truthiness only; no token is read.
        status_code = 200 if matching_tokens else 204
        return Response('', status_code)
    except ValueError:
        abort(422)
def get(self):
    """Exchange a refresh token for a new access token.

    Looks up the stored refresh token by the JWT identity. Aborts with 401
    when none is stored and with 422 when a ValueError is raised (e.g. the
    identity is not a well-formed UUID). Otherwise returns a dict holding a
    new access token for the refresh token's owner, with the request's
    User-Agent header passed to the token factory.
    """
    try:
        identity = UUID(get_jwt_identity())
        refresh_token = RefreshTokenModelV2.objects(identity=identity).first()

        if not refresh_token:
            abort(401)

        owner = refresh_token.key.owner
        user_agent = request.headers['USER-AGENT']
        new_access_token = AccessTokenModelV2.create_access_token(owner, user_agent)

        return {'accessToken': new_access_token}
    except ValueError:
        abort(422)
def wrapper(*args, **kwargs):
    """Authorize the request for one account type, then call the wrapped view.

    The stored access token is looked up by the JWT identity. Its owner must
    be an instance of ``model`` (taken from the enclosing scope); on success
    the owner is published as ``g.user`` and ``fn`` is called with the
    original arguments. Aborts with 403 when the token is missing or the
    owner has a different type, and with 422 on ValueError.
    """
    try:
        identity = UUID(get_jwt_identity())
        token = AccessTokenModelV2.objects(identity=identity).first()

        owner_has_expected_type = token and isinstance(token.key.owner, model)
        if not owner_has_expected_type:
            abort(403)

        g.user = token.key.owner

        # NOTE(review): fn runs inside the try block, so a ValueError raised
        # by the view itself is also reported as 422 - confirm this is intended.
        return fn(*args, **kwargs)
    except ValueError:
        abort(422)
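def post(self):
    """
    Student login.

    Expects a JSON object with string fields ``id`` and ``password``.

    Returns:
        ``({'accessToken': ..., 'refreshToken': ...}, 201)`` when the
        credentials match a student, an empty 401 response when they do not,
        and an empty 400 response when the body is not a JSON object or either
        field is missing or not a string.
    """
    payload = request.json
    if not isinstance(payload, dict):
        return Response('', 400)

    student_id = payload.get('id')
    password = payload.get('password')

    # Only plain strings may reach the lookup. A JSON object in place of the
    # id could otherwise be handed to the query layer as an operator document
    # instead of a literal value, and a missing key used to surface as a 500.
    # No schema check is visible in this excerpt, so it is enforced here.
    if not isinstance(student_id, str) or not isinstance(password, str):
        return Response('', 400)

    student = StudentModel.objects(id=student_id, pw=self.encrypt_password(password)).first()
    if not student:
        # Same answer for an unknown id and a wrong password.
        return Response('', 401)

    user_agent = request.headers['USER-AGENT']
    return {
        'accessToken': AccessTokenModelV2.create_access_token(student, user_agent),
        'refreshToken': RefreshTokenModelV2.create_refresh_token(student, user_agent)
    }, 201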
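def post(self):
    """
    Admin login.

    Expects a JSON object with string fields ``id`` and ``password``.

    Returns:
        ``({'accessToken': ..., 'refreshToken': ...}, 201)`` when the
        credentials match an admin, an empty 401 response when they do not,
        and an empty 400 response when the body is not a JSON object or either
        field is missing or not a string.
    """
    payload = request.json
    if not isinstance(payload, dict):
        return Response('', 400)

    admin_id = payload.get('id')
    password = payload.get('password')

    # Only plain strings may reach the lookup. A JSON object in place of the
    # id could otherwise be handed to the query layer as an operator document
    # instead of a literal value, and a missing key used to surface as a 500.
    # No schema check is visible in this excerpt, so it is enforced here.
    if not isinstance(admin_id, str) or not isinstance(password, str):
        return Response('', 400)

    admin = AdminModel.objects(id=admin_id, pw=self.encrypt_password(password)).first()
    if not admin:
        # Same answer for an unknown id and a wrong password.
        return Response('', 401)

    # A missing or empty User-Agent falls back to the desktop client label.
    user_agent = request.headers.get('USER-AGENT', 'Windows Application') or 'Windows Application'
    return {
        'accessToken': AccessTokenModelV2.create_access_token(admin, user_agent),
        'refreshToken': RefreshTokenModelV2.create_refresh_token(admin, user_agent)
    }, 201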
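def post(self):
    """
    Obtain a new access token.

    Looks up the stored refresh token by the JWT identity and issues a new
    access token for its owner.

    Returns:
        A JSON response ``{'access_token': ...}`` with status 200, or an empty
        205 (Reset Content) response when no stored refresh token matches.

    Aborts with 422 when the JWT identity is not a well-formed UUID.
    """
    # Function-scope import: the file's import block is not visible here.
    from flask import Response

    # A malformed identity used to escape as an unhandled ValueError (a 500).
    try:
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    token = RefreshTokenModelV2.objects(identity=identity).first()
    if not token:
        # abort() only maps error statuses to exceptions; 205 is not among
        # them, so abort(205) raised LookupError instead of answering 205.
        # The response is returned directly instead.
        return Response('', 205)

    # A missing or empty User-Agent falls back to the desktop client label.
    user_agent = request.headers.get('USER-AGENT', 'Windows Application') or 'Windows Application'

    return self.unicode_safe_json_response({
        'access_token': AccessTokenModelV2.create_access_token(token.key.owner, user_agent)
    }, 200)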
def post(self):
    """
    Obtain a new access token.

    Looks up the stored refresh token by the JWT identity. Returns an empty
    205 (Reset Content) response when none is stored, otherwise a JSON
    response ``{'access_token': ...}`` with status 200 for the token's owner.
    Aborts with 422 on ValueError, e.g. when the identity is not a
    well-formed UUID.
    """
    try:
        identity = UUID(get_jwt_identity())
        refresh_token = RefreshTokenModelV2.objects(identity=identity).first()

        if not refresh_token:
            # Invalid token, or the password the token was issued under
            # differs from the current password.
            # Returns status code 205 : Reset Content
            return Response('', 205)

        owner = refresh_token.key.owner
        user_agent = request.headers['USER-AGENT']
        body = {
            'access_token': AccessTokenModelV2.create_access_token(owner, user_agent)
        }
        return self.unicode_safe_json_response(body, 200)
    except ValueError:
        abort(422)