from auth_table import User from hashlib import md5 from itsdangerous import (TimedJSONWebSignatureSerializer as Serializer, BadSignature, SignatureExpired) from flask import g from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth from config_reader import ConfigReader from base import session token_auth = HTTPTokenAuth() basic_auth = HTTPBasicAuth() cr = ConfigReader() secret_key = cr.get_secret_key() @basic_auth.verify_password def verify_password(username, password): hash_password = md5(password.encode('utf-8')).hexdigest() stored_password = session.query( User.password_hash).filter_by(username=username).first()[0] if hash_password == stored_password: g.username = username return True else: return False def generate_auth_token(expiration=600): s = Serializer(secret_key, expires_in=expiration) return s.dumps({'user': g.username})