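def graphql_server():
    """Execute the posted GraphQL document and sync the JWT cookies on the reply.

    Returns a ``(response, status)`` pair: 200 when the query succeeded,
    400 when it reported failure, and a generic 500 payload when
    execution raised.
    """
    # GraphQL queries are always sent as POST.
    # The request body is deliberately not printed or logged: GraphQL
    # variables routinely carry passwords and tokens, which would end up
    # in plain text in stdout/log files.
    data = request.get_json()

    # Note: Passing the request to the context is optional.
    # In Flask, the current request is always accessible as flask.request

    # If the cookies contain "access_token_cookie" and
    # "refresh_token_cookie", hand them to the shared token store.
    # NOTE(review): the original comment calls this store a global
    # variable. If get_tokens() can still return values saved by an earlier
    # request when this request carries no cookies, the response below
    # would set another client's tokens. Confirm the store is per-request.
    if request.cookies:
        set_tokens(request.cookies)

    try:
        success, result = graphql_sync(
            schema, data, context_value=request, debug=app.debug
        )
    except Exception:
        # Keep the client-facing message generic, but record the traceback
        # server-side so failures are not silently discarded.
        app.logger.exception("GraphQL execution failed")
        return {"message": "Something went wrong."}, 500

    tokens = get_tokens()
    result = jsonify(result)

    if tokens:
        set_access_cookies(result, tokens["access_token_cookie"])
        set_refresh_cookies(result, tokens["refresh_token_cookie"])
    else:
        unset_access_cookies(result)
        unset_refresh_cookies(result)

    status_code = 200 if success else 400
    return result, status_code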
def logout():
    """Save the current user, if any, and redirect to the login page.

    The redirect response has both the access and the refresh JWT cookies
    cleared. Nothing in this function revokes the token server-side, so it
    only removes the credentials from the browser.
    """
    if current_user:
        current_user.save()

    login_redirect = redirect(url_for("users.login"))
    response = make_response(login_redirect)
    for clear_cookies in (unset_access_cookies, unset_refresh_cookies):
        clear_cookies(response)
    return response
def post(self):
    """Sign the client out by clearing its access and refresh JWT cookies.

    Only the cookies are removed. This handler does not record the token
    as revoked.
    """
    response = make_response({"message": "Signed out"})
    for clear_cookies in (unset_access_cookies, unset_refresh_cookies):
        clear_cookies(response)
    return response
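def post(self):
    """Revoke the presented JWT by its ``jti`` and clear the refresh cookies.

    Returns ``{"success": true}`` with the refresh cookies unset, or
    ``{"success": false}`` with status 500 when recording the revocation
    fails. The ``jti`` lookup happens before the ``try``, so an error
    there propagates to the caller.
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedTokenModel(jti=jti)
        revoked_token.add()
        resp = jsonify(success=True)
        # Only the refresh cookies are cleared here; the access cookie is
        # left to whichever handler revokes the access token.
        unset_refresh_cookies(resp)
        return resp
    except Exception:
        # Narrowed from a bare ``except`` so SystemExit/KeyboardInterrupt
        # are no longer converted into a 500 response.
        return jsonify(success=False), 500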
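def post(self):
    """Revoke the presented JWT by its ``jti`` and clear the refresh cookies.

    Returns ``{"logout_refresh": true}`` with the refresh cookies unset, or
    a generic error message with status 500 when recording the revocation
    fails. The ``jti`` lookup happens before the ``try``, so an error
    there propagates to the caller.
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedTokenModel(jti=jti)
        revoked_token.add()
        response = jsonify({"logout_refresh": True})
        unset_refresh_cookies(response)
        return response
    except Exception:
        # Narrowed from a bare ``except`` so SystemExit/KeyboardInterrupt
        # are no longer converted into a 500 response.
        return {'message': 'Something went wrong'}, 500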
def logout():
    """Blacklist the current token's ``jti`` and redirect to ``/`` without JWT cookies.

    When the decoded token has no ``jti`` the client is treated as already
    logged out and is redirected with its cookies left untouched.
    """
    raw_token = flask_jwt_extended.get_raw_jwt()

    if "jti" in raw_token:
        # Server-side revocation first, then drop the cookies client-side.
        app.blacklist.add(raw_token['jti'])
        home = redirect("/", code=302)
        flask_jwt_extended.unset_access_cookies(home)
        flask_jwt_extended.unset_refresh_cookies(home)
        return home

    # already unset
    return redirect("/", code=302)
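def my_unauthorized_callback(msg):
    """Handle an unauthorized request: reset the session and JWT cookies, then send the client to the index.

    AJAX callers (requests carrying an ``AJAX`` header) get a JSON body with
    the redirect target and status 200. Every other caller gets a redirect
    whose Set-Cookie headers clear the JWT cookies. ``msg`` is unused.
    """
    current_app.logger.warning('unauthorized_loader activated with JWT token\n')
    if 'access_token_cookie' in request.cookies or 'refresh_token_cookie' in request.cookies:
        flash("Unauthorized")
    if len(request.url) >= 16 and ('invite' in request.url or 'submit' in request.url):
        index = request.url.find('potm.rocks')
        # find() returns -1 when the host string is absent (e.g. another
        # hostname), which used to store an arbitrary slice of the URL.
        if index != -1:
            # Skip the 10-character host plus the following "/".
            link = request.url[index + 11:]
            # NOTE(review): this value comes from the request URL. Whatever
            # later redirects to session['url_saved'] should treat it as a
            # relative path and validate it first.
            session['url_saved'] = link
    if 'AJAX' in request.headers:
        current_app.logger.warning('AJAX called in unauthorized')
        return jsonify(redirect=url_for('index.index')), 200
    # NOTE(review): clear() also drops the 'url_saved' value and the flash
    # message set above on this path. Confirm that is intended.
    session.clear()
    response = redirect(url_for('index.index'))
    unset_refresh_cookies(response)
    unset_jwt_cookies(response)
    # Return the response the cookies were cleared on. The previous code
    # returned a fresh redirect, so the stale JWT cookies were never removed
    # from the browser.
    return response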
def logout():
    '''Log the user out by removing the presented refresh token from the
    account and resetting the cookie that stores the refresh token in the
    client's browser.

    :reqheader Cookie: refresh token
    :resheader Set-Cookie: deletes refresh token cookie
    :status 200: successfully logged out
    :status 422: no refresh token present, likely already logged out
    '''
    user_id = get_jwt_identity()
    token_id = get_raw_jwt()['jti']

    # Pull only this token's jti from the user's stored refresh tokens.
    selector = {'_id': ObjectId(user_id)}
    removal = {'$pull': {'refresh_tokens': {'$in': [token_id]}}}
    db.users.update_one(selector, removal)

    response = jsonify({'logout': True})
    unset_refresh_cookies(response)
    return response, 200
def logout_user(r):
    """Clear the access and refresh JWT cookies on response ``r`` in place.

    Returns nothing. The caller keeps using the same response object.
    """
    for clear_cookies in (unset_access_cookies, unset_refresh_cookies):
        clear_cookies(r)
def delete_refresh_tokens():
    """Return a JSON acknowledgement that clears the refresh cookies.

    Only the client's cookies are removed. Despite the ``refresh_revoked``
    key, nothing in this function records the token as revoked on the server.
    """
    response = jsonify(refresh_revoked=True)
    unset_refresh_cookies(response)
    return response
def delete_refresh_tokens():
    """Return a JSON acknowledgement that clears the refresh cookies for a domain.

    The cookie domain is read from the ``domain`` query parameter and is
    ``None`` when the parameter is absent.
    """
    # NOTE(review): the domain is client-supplied and goes into the
    # Set-Cookie attributes unvalidated. Consider restricting it to the
    # domains this service actually issues cookies for.
    cookie_domain = request.args.get("domain")
    response = jsonify(refresh_revoked=True)
    unset_refresh_cookies(response, domain=cookie_domain)
    return response
def logout(api_version):
    """Return an empty JSON body with status 200 and both JWT cookies cleared.

    ``api_version`` is accepted but not used here. No server-side token
    revocation happens in this function.
    """
    response = jsonify({})
    for clear_cookies in (unset_access_cookies, unset_refresh_cookies):
        clear_cookies(response)
    return response, 200
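def logout():
    """Redirect to the ``hello`` view with the JWT cookies cleared.

    The cookies are unset on the redirect response that is actually
    returned. The previous code cleared them on a JSON response that was
    then discarded, so the browser kept its tokens after logout.
    """
    resp = redirect(url_for('hello'))
    # unset_jwt_cookies clears both the access and the refresh cookies.
    unset_jwt_cookies(resp)
    return resp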
def logout():
    """Clear the server-side session and redirect to the index without JWT cookies."""
    session.clear()

    index_redirect = redirect(url_for('index.index'))
    # Same order as before: refresh cookies first, then the full JWT cookie set.
    for clear_cookies in (unset_refresh_cookies, unset_jwt_cookies):
        clear_cookies(index_redirect)
    return index_redirect