コード例 #1
0
def resp_with_access_token(response, access_token):
    domain = get_config('api', 'jwt.domain')
    response.set_cookie(
        key='access_token',
        value=access_token,
        secure=get_config('api', 'jwt.secure'),
        httponly=True,
        expires=datetime.datetime.utcnow() +
        datetime.timedelta(seconds=get_config('api', 'jwt.exp')),
        domain=(domain if domain else None))
    return response
コード例 #2
0
def get_access_token(user_id):
    return jwt.encode(
        {
            'exp':
            datetime.datetime.utcnow() +
            datetime.timedelta(seconds=get_config('api', 'jwt.exp')),
            'user_id':
            user_id
        },
        get_config('api', 'jwt.secret'),
        algorithm='HS256')
コード例 #3
0
def get_payload(access_token):
    try:
        payload = jwt.decode(access_token,
                             get_config('api', 'jwt.secret'),
                             algorithm='HS256')
        if not payload or 'user_id' not in payload:
            raise TokenInvalid()
        return payload
    except ExpiredSignatureError:
        raise TokenExpired()
    except DecodeError:
        raise TokenInvalid()