def wrapper(*args, **kwargs):
try:
flask_jwt.verify_jwt_refresh_token_in_request()
except Exception as e:
raise HTTP_401_UNAUTHORIZED(str(e))
return fn(*args, **kwargs)
def wrapper(*args, **kwargs):
if refresh:
verify_jwt_refresh_token_in_request()
else:
verify_jwt_in_request()
return func(*args, **kwargs)
def render(self, template, **kwargs):
try:
verify_jwt_in_request()
self._template_args['current_user'] = get_current_user()
current_app.logger.info("Access token ok for user {}".format(
get_current_user()))
resp = make_response(
super(PhaunosBaseView, self).render(template, **kwargs))
except ExpiredSignatureError:
# if the access token has expired, create new non-fresh token
current_app.logger.info("Access token has expired.")
try:
verify_jwt_refresh_token_in_request()
self._template_args['current_user'] = get_current_user()
access_token = create_access_token(identity=get_jwt_identity(),
fresh=False)
resp = make_response(
super(PhaunosBaseView, self).render(template, **kwargs))
set_access_cookies(resp, access_token)
except ExpiredSignatureError:
# if the refresh token has expired, user must login again
current_app.logger.info("Refresh token has expired")
resp = make_response(
super(PhaunosBaseView, self).render(template, **kwargs))
unset_jwt_cookies(resp)
except NoAuthorizationError:
current_app.logger.info("No authorization token.")
resp = make_response(
super(PhaunosBaseView, self).render(template, **kwargs))
return resp
def wrapper(*args, **kwargs):
access = False
refresh = False
code = None
if request.json:
data = request.json
if "code" in data:
code = data["code"]
else:
return jsonify(msg="An authorization code was not specified.")
else:
try:
verify_jwt_in_request()
access = True
except:
try:
verify_jwt_refresh_token_in_request()
refresh = True
except:
return jsonify(
msg=
"No valid tokens were given. Please ensure that a valid access or refresh token were given."
)
return fn(access, refresh, code, *args, **kwargs)
def wrapper(*args, **kwargs):
verify_jwt_refresh_token_in_request()
try:
get_authenticated_user()
return func(*args, **kwargs)
except (UserNotFound, AccountInactive) as error:
abort(403)
def wrapper(*args, **kwargs):
verify_jwt_refresh_token_in_request()
try:
get_authenticated_user()
return func(*args, **kwargs)
except (UserNotFound, AccountInactive) as error:
current_app.logger.error('authorization failed: %s', error)
abort(403)
def wrapper(*args, **kwargs):
try:
verify_jwt_refresh_token_in_request()
except:
flask.abort(401)
if kwargs is None:
kwargs = {}
kwargs['user'] = get_jwt_identity()
return fn(*args, **kwargs)
def decorated(*args, **kwargs):
verify_jwt_refresh_token_in_request()
mail = get_jwt_identity()
try:
TokenBlacklist.query.filter_by(jti=get_raw_jwt()["jti"]).one()
current_user = User.query.filter_by(mail=mail).one()
except:
return make_response('', 401)
return f(current_user, *args, **kwargs)
def debugSetAccessCookie():
try:
flask_jwt_extended.verify_jwt_refresh_token_in_request()
except flask_jwt_extended.exceptions.NoAuthorizationError as e:
raise flask_jwt_extended.exceptions.NoAuthorizationError(e.args[0] + ";\n Also note that refresh cookie is not directly usable here by design - it's limited to a specific path.")
current_user = flask_jwt_extended.get_jwt_identity()
access_token = flask_jwt_extended.create_access_token(identity=current_user, expires_delta=datetime.timedelta(days=1))
response_object = jsonify({})
flask_jwt_extended.set_access_cookies(response_object, access_token)
return response_object, 200
def refresh():
try:
verify_jwt_refresh_token_in_request()
except Exception:
return RefreshException()
identity = get_jwt_identity()
if identity:
access_token = create_access_token(identity=identity)
refresh_token = create_refresh_token(identity=identity)
return json_res(access_token=access_token, refresh_token=refresh_token)
return NotFound(msg='refresh_token未被识别')
def refresh():
try:
verify_jwt_refresh_token_in_request()
except Exception:
return RefreshFailed()
identity = get_jwt_identity()
if identity:
access_token = create_access_token(identity=identity)
refresh_token = create_refresh_token(identity=identity)
return {"access_token": access_token, "refresh_token": refresh_token}
return NotFound("refresh_token未被识别")
def post(self):
try:
verify_jwt_refresh_token_in_request()
except Exception as error:
from ..server import app
import logging
app.logger.log(logging.INFO, error)
return make_response("<error>Unauthorized</error>", 401)
# This endpoint will create and send back a new JWT access token.
# The JWT refresh token is valid for 30 days. This allows user's to refresh their session
current_user = get_jwt_identity()
access_token = create_access_token(identity=current_user)
# Create a new response to the client
response = Proxy().to_client()
response.data = "<message>Access token refreshed</message>"
# Set the JWT token and enforce the response in the cookie.
# Also sets the CSRF double submit protection cookies in this response
set_access_cookies(response, access_token)
return response
def wrapper(*args, **kwargs):
verify_jwt_refresh_token_in_request()
return fn(*args, **kwargs)
def wrapper(*args, **kwargs):
if not current_app.config.get("DISABLE_AUTH"):
verify_jwt_refresh_token_in_request()
return func(*args, **kwargs)
def wrapper(*args, **kwargs):
try:
verify_jwt_refresh_token_in_request()
except Exception as e:
abort(401, message=str(e))
return fn(*args, **kwargs)
def wrapper(*args, **kwargs):
if app.config["GRAMPS_AUTH_PROVIDER"] != "none":
verify_jwt_refresh_token_in_request()
return fn(*args, **kwargs)
