async def get_access_token( db: Session = Depends(deps.get_db), *, user: schemas.UserLoginForm, Authorize: AuthJWT = Depends(), ) -> dict: user = crud.user.authenticate( db, email=user.email, password=user.password, ) if not user: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=AuthError.INCORRECT_CREDS, ) elif not crud.user.is_active(user): raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=AuthError.INACTIVE_USER, ) access_token = Authorize.create_access_token(subject=user.email) refresh_token = Authorize.create_refresh_token(subject=user.email) return { 'access_token': access_token, 'refresh_token': refresh_token, 'token_type': 'bearer', }
def get_cookie(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject='test',fresh=True) refresh_token = Authorize.create_refresh_token(subject='test') Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg":"Successfully login"}
async def refresh(user: User = Depends(get_active_user_from_cookie), Authorize: AuthJWT = Depends()): try: # set the user group if user.account_type == 'admin': user_claims = {'admin': True} admin_logger.info(f"Admin refresh token: {user.email}") elif user.account_type == 'filer': user_claims = {'filer': True} user_logger.info(f"User refresh token: {user.email}") elif user.account_type == 'public': user_claims = {'public': True} user_logger.info(f"Public refresh token: {user.email}") access_token = Authorize.create_access_token(subject=user.email, user_claims=user_claims) refresh_token = Authorize.create_refresh_token(subject=user.email, user_claims=user_claims) Authorize.set_refresh_cookies(refresh_token) return {"success": True, "access_token": access_token} except Exception as e: logger.exception(traceback.format_exc()) handle_exc(e)
async def login_user(user_data: dict, Authorize: AuthJWT) -> dict: user = await user_collection.find_one( {'user_name': user_data['user_name']}) user_id = user['_id'] user_name = user['user_name'] # print(user_id) # print(user_name) # expiratiom of tokens access_token_expire = datetime.timedelta(minutes=15) refresh_token_expire = datetime.timedelta(days=1) if (user is None) or (not auth_handler.get_verify_password( user_data['password'], user['password'])): raise HTTPException(status_code=401, detail='Invalid username and/or password') access_token = Authorize.create_access_token( subject=user['user_name'], expires_time=access_token_expire) refresh_token = Authorize.create_refresh_token(subject=user['user_name']) # refresh_token = Authorize.create_refresh_token( # subject=user['user_name'], expires_time=refresh_token_expire) return { 'access_token': access_token, 'refresh_token': refresh_token, 'user_name': str(user_name), '_id': str(user_id) }
def login( user: schemas.UserCreate, db: Session = Depends(get_db), Authorize: AuthJWT = Depends(), ): crud.prune_blacklist(db) _user = (db.query(models.User).filter( models.User.username == user.username.casefold()).first()) if _user is not None and crud.verify_password(user.password, _user.hashed_password): # Create Tokens access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Assign cookies Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return { "login": "******", "username": _user.username, "access_token": access_token, } else: raise HTTPException(status_code=400, detail="Invalid Username or Password.")
def all_token_response(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject=1, fresh=True) refresh_token = Authorize.create_refresh_token(subject=1) response = JSONResponse(content={"msg": "all token"}) Authorize.set_access_cookies(access_token, response) Authorize.set_refresh_cookies(refresh_token, response) return response
def get_token(Authorize: AuthJWT = Depends()): access_token = Authorize.create_access_token(subject=1, fresh=True) refresh_token = Authorize.create_refresh_token(subject=1) Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"access": access_token, "refresh": refresh_token}
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) return {"access_token": access_token, "refresh_token": refresh_token}
def create_token_for_user(Authorize: AuthJWT, user_id: str) -> Dict: response = RedirectResponse( f'{Config["routes"]["client"]}/login_callback?user_id={user_id}') access_token = Authorize.create_access_token(subject=user_id) refresh_token = Authorize.create_refresh_token(subject=user_id) Authorize.set_access_cookies(access_token, response) Authorize.set_refresh_cookies(refresh_token, response) return response
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != 'test' or user.password != 'test': raise HTTPException(status_code=401, detail='Bad username or password') ret = { 'access_token': Authorize.create_access_token(identity=user.username), 'refresh_token': Authorize.create_refresh_token(identity=user.username) } return ret
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") # You can define different algorithm when create a token access_token = Authorize.create_access_token(subject=user.username, algorithm="HS384") refresh_token = Authorize.create_refresh_token(subject=user.username, algorithm="HS512") return {"access_token": access_token, "refresh_token": refresh_token}
def create_access_and_refresh_tokens(user_id: str, Authorize: AuthJWT): try: access_token = Authorize.create_access_token(subject=user_id) Authorize.set_access_cookies(access_token) refresh_token = Authorize.create_refresh_token(subject=user_id) Authorize.set_refresh_cookies(refresh_token) except: raise HTTPException( status_code=500, detail=f"Error while trying to create and refresh tokens")
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") expires = datetime.timedelta(days=1) refresh_expires = datetime.timedelta(days=2) access_token = Authorize.create_access_token(subject=user.username, expires_time=expires) refresh_token = Authorize.create_refresh_token( subject=user.username, expires_time=refresh_expires) return {"access_token": access_token, "refresh_token": refresh_token}
def login(user: User, Authorize: AuthJWT = Depends()): msg = password_check(user.password) if len(msg) >= 1: raise HTTPException(status_code=401,detail=msg) # subject identifier for who this token is for example id or username from database access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Set the JWT cookies in the response Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg":"Successfully login"}
def login(user: User): if user.username != 'test' or user.password != 'test': raise HTTPException(status_code=401, detail='Bad username or password') # Use create_access_token() and create_refresh_token() to create our # access and refresh tokens ret = { 'access_token': AuthJWT.create_access_token(identity=user.username), 'refresh_token': AuthJWT.create_refresh_token(identity=user.username) } return ret
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") # Create the tokens and passing to set_access_cookies or set_refresh_cookies access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Set the JWT cookies in the response Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "Successfully login"}
def auth_jwt_encode_user( auth_jwt: AuthJWT, user: Optional[User] = None, oauth: Optional[OAuth2Profile] = None, oauth_name: Optional[str] = None, fresh: bool = True, ) -> Tuple[str, str]: if user is None and oauth is None: raise UnauthorizedError( "At least one of user and oauth2_profile should be provided." ) if user is not None and oauth is not None: raise UnauthorizedError( "At most one of user and oauth2_profile should be provided." ) if user is not None: subject = str(user.id) user_claims = JWTUserClaims( category="user", username=user.username, email=user.email, gravatar=user.gravatar, student_id=user.student_id, real_name=user.real_name, role=user.role, oauth_name=oauth_name, is_active=user.is_active, ) elif oauth is not None: subject = str(oauth.account_id) user_claims = JWTUserClaims( category="oauth", username=oauth.account_name, email=oauth.account_email, gravatar="", student_id=oauth.student_id, real_name=oauth.real_name, oauth_name=oauth.oauth_name, is_active=False, ) else: assert False access_token = auth_jwt.create_access_token( subject=subject, user_claims=user_claims.dict(by_alias=True), fresh=fresh, ) refresh_token = auth_jwt.create_refresh_token( subject=subject, user_claims={"oauthName": user_claims.oauth_name} ) return access_token, refresh_token
def login(user: User, Authorize: AuthJWT = Depends()): if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") """ create_access_token supports an optional 'fresh' argument, which marks the token as fresh or non-fresh accordingly. As we just verified their username and password, we are going to mark the token as fresh here. """ access_token = Authorize.create_access_token(subject=user.username, fresh=True) refresh_token = Authorize.create_refresh_token(subject=user.username) return {"access_token": access_token, "refresh_token": refresh_token}
def test_refresh_required(client): url = '/jwt-refresh-required' # only refresh token allowed token = AuthJWT.create_access_token(identity='test') response = client.get( url, headers={"Authorization": f"Bearer {token.decode('utf-8')}"}) assert response.status_code == 422 assert response.json() == {'detail': 'Only refresh tokens are allowed'} token = AuthJWT.create_refresh_token(identity='test') response = client.get( url, headers={"Authorization": f"Bearer {token.decode('utf-8')}"}) assert response.status_code == 200 assert response.json() == {'hello': 'world'}
def login( form_data: schemas.User_login, db: Session = Depends(get_db), Authorize: AuthJWT = Depends(), ): status = crud.compare_password(db, form_data) if not status: raise HTTPException(status_code=400, detail="Incorrect username or password") access_token = Authorize.create_access_token(subject=form_data.email) refresh_token = Authorize.create_refresh_token(subject=form_data.email) return {"access_token": access_token, "refresh_token": refresh_token}
def user_login(credentials: Credentials, Authorize: AuthJWT = Depends(), db: Database = Depends(mysql_connection)): Authorize.jwt_optional() print(credentials) if not db.is_user_registred(credentials.email, credentials.password): raise HTTPException(status_code=401, detail="Bad credentials") access_token = Authorize.create_access_token(subject=credentials.email) refresh_token = Authorize.create_refresh_token(subject=credentials.email) response = JSONResponse( {"user_id": db.find_user_by_email(credentials.email)[0]}) Authorize.set_access_cookies(access_token, response) Authorize.set_refresh_cookies(refresh_token, response) return response
async def refresh_tokens(Authorize: AuthJWT = Depends()): Authorize.jwt_refresh_token_required() current_user = Authorize.get_jwt_subject() jti = Authorize.get_raw_jwt()['jti'] access_token = Authorize.create_access_token(subject=current_user) refresh_token = Authorize.create_refresh_token(subject=current_user) if not DEBUG_LOGIN: app.state.redis.revoke_tokens(jti) app.state.redis.save_tokens(Authorize.get_jti(access_token), Authorize.get_jti(refresh_token)) return {"access_token": access_token, "refresh_token": refresh_token, "result": True}
def login(user: User): if user.username != 'test' or user.password != 'test': raise HTTPException(status_code=401, detail='Bad username or password') # create_access_token supports an optional 'fresh' argument, # which marks the token as fresh or non-fresh accordingly. # As we just verified their username and password, we are # going to mark the token as fresh here. ret = { 'access_token': AuthJWT.create_access_token(identity=user.username, fresh=True), 'refresh_token': AuthJWT.create_refresh_token(identity=user.username) } return ret
def login(user: User, Authorize: AuthJWT = Depends()): """ With authjwt_cookie_csrf_protect set to True, set_access_cookies() and set_refresh_cookies() will now also set the non-httponly CSRF cookies """ if user.username != "test" or user.password != "test": raise HTTPException(status_code=401, detail="Bad username or password") # Create the tokens and passing to set_access_cookies or set_refresh_cookies access_token = Authorize.create_access_token(subject=user.username) refresh_token = Authorize.create_refresh_token(subject=user.username) # Set the JWT and CSRF double submit cookies in the response Authorize.set_access_cookies(access_token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "Successfully login"}
async def login(user: UserLogin, res: Response, Authorize: AuthJWT = Depends(auth_token)): user_exists = await UserFetch.filter_by_email(user.email) if ( user_exists and UserLogic.check_user_password(password=user.password,hashed_pass=user_exists.password) ): access_token = Authorize.create_access_token(identity=user_exists.id,fresh=True) refresh_token = Authorize.create_refresh_token(identity=user_exists.id) return { "access_token": access_token, "refresh_token": refresh_token, "username": user_exists.username } res.status_code = 422 return {"message":"Invalid credential"}
async def login(credentials: OAuth2PasswordRequestForm = Depends(), Authorize: AuthJWT = Depends()): user = await M.user_db.authenticate(credentials) if user is None or not user.is_active: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=ErrorCode.LOGIN_BAD_CREDENTIALS, ) # raise HTTPException(status_code=401, detail="Bad username or password") """ create_access_token supports an optional 'fresh' argument, which marks the token as fresh or non-fresh accordingly. As we just verified their username and password, we are going to mark the token as fresh here. """ access_token = Authorize.create_access_token(subject=str(user.id), fresh=True) refresh_token = Authorize.create_refresh_token(subject=str(user.id)) return {"access_token": access_token, "refresh_token": refresh_token}
async def login(request: Request, user: Login, Authorize: AuthJWT = Depends()): # """ # create access and refresh token and save it as # httponly cookie # """ # query = USER.select().where(USER.c.email == user.email) # data = await database.fetch_one(query) data = await UserSchema.get(user.email) if data == None or user.email != data['email'] or user.password != data[ 'password']: raise HTTPException(status_code=401, detail="Bad username or password") token = Authorize.create_access_token(subject=user.email) refresh_token = Authorize.create_refresh_token(subject=user.email) Authorize.set_access_cookies(token) Authorize.set_refresh_cookies(refresh_token) return {"msg": "Successfully login"}
def login( email: str = Body(...), password: str = Body(...), Authorize: AuthJWT = Depends(), db: Session = Depends(get_db), ): dbuser = userCRUD.authenticate(db, email=email, password=password) if not dbuser: raise HTTPException(status_code=401, detail="Failed to Authenticate") refresh_token = Authorize.create_refresh_token(subject=dbuser.id) access_token = Authorize.create_access_token(subject=dbuser.id, user_claims={ "username": dbuser.username, "email": dbuser.email, }) Authorize.set_refresh_cookies(refresh_token) return {"access_token": access_token}
def obtain_token(user, db): """ - Authenticate and generate JWT token using valid username and password """ db_user = manager.get_user_by_username(db, username=user.username) if db_user is None: raise HTTPException(status_code=400, detail="Username not existed") else: is_password_correct = manager.check_username_password(db, user) if is_password_correct is False: raise HTTPException(status_code=400, detail="Password is not correct") else: access_token = AuthJWT.create_access_token(identity=user.username) refresh_token = AuthJWT.create_refresh_token( identity=user.username) return { "access_token": access_token, "refresh_token": refresh_token, "token_type": "Bearer" }
def login(user: LoginScheme, Authorize: AuthJWT = Depends()): registered_user = UsersCollection.get_one_obj({"email": user.email}) if registered_user: password_correct = UsersCollection.verify_password( user.password, registered_user['password']) if password_correct: access_token = Authorize.create_access_token( subject=registered_user['email']) refresh_token = Authorize.create_refresh_token( subject=registered_user['email']) if not DEBUG_LOGIN: app.state.redis.save_tokens(Authorize.get_jti(access_token), Authorize.get_jti(refresh_token)) return { "access_token": access_token, "refresh_token": refresh_token, "result": True, "user_id": str(registered_user["_id"]), "role": registered_user["role"] } return {"result": False, "msg": "Invalid credentials"}