コード例 #1
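def refresh_user_token():
    """Exchange the token in the Authorization header for a new token pair.

    Reads the ``Authorization`` request header, takes its second
    space-separated field as the token, decodes it with
    ``UserModel.decode_token`` and looks the user up with
    ``UserModel.find_by_id``.

    Returns:
        A ``(body, status)`` pair:

        * 403 when the header is missing or has no token field,
        * 401 when the token is expired or invalid, or no user matches,
        * 200 with a new ``access_token`` and ``refresh_token`` otherwise.
    """
    response_object = {
        "status": "fail",
        "message": "Provide a valid refresh token."
    }
    auth_header = request.headers.get("Authorization")
    if not auth_header:
        return jsonify(response_object), 403

    # A header without a second space-separated field (for example a bare
    # scheme name) previously raised IndexError and surfaced as a 500.
    # Reject it the same way as a missing header.
    header_fields = auth_header.split(" ")
    if len(header_fields) < 2:
        return jsonify(response_object), 403
    refresh_token = header_fields[1]

    try:
        # NOTE(review): nothing in this function checks that the presented
        # token was issued as a "refresh" token. Unless decode_token
        # validates the token type, an access token would also be accepted
        # here and exchanged for a new pair - confirm in UserModel.
        # NOTE(review): assumes decode_token raises the jwt exceptions
        # handled below rather than returning an error value - TODO confirm.
        resp = UserModel.decode_token(refresh_token)
        user = UserModel.find_by_id(resp)
        if not user:
            response_object["message"] = "Invalid token"
            return jsonify(response_object), 401

        # NOTE(review): a new refresh token is issued, but no revocation of
        # the presented one is visible here, so it presumably stays usable
        # until it expires - confirm whether a denylist exists elsewhere.
        new_access_token = user.encode_token(user.id, "access")
        new_refresh_token = user.encode_token(user.id, "refresh")

        # .decode() requires encode_token to return bytes; presumably this
        # targets a JWT library version that encodes to bytes - verify the
        # pinned dependency before upgrading.
        response_object = {
            "status": "success",
            "access_token": new_access_token.decode(),
            "refresh_token": new_refresh_token.decode(),
        }
        return response_object, 200
    except jwt.ExpiredSignatureError:
        response_object["message"] = "Signature expired. Please log in again."
        return jsonify(response_object), 401
    except jwt.InvalidTokenError:
        response_object["message"] = "Invalid token. Please log in again.."
        return jsonify(response_object), 401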
コード例 #2
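 def decorated_function(*args, **kwargs):
     """Authenticate the request, then call the wrapped function ``f``.

     Takes the second space-separated field of the ``Authorization``
     header as the token, decodes it with ``UserModel.decode_token``,
     loads the user and requires a confirmed registration.

     Returns:
         ``(body, 403)`` when the header is missing or has no token field;
         ``(body, 401)`` when decoding yields an error string, no user
         matches, or the most recent confirmation is absent or
         unconfirmed; otherwise whatever ``f(resp, *args, **kwargs)``
         returns, with the decoded value passed as the first argument.
     """
     response_object = {
         "status": "fail",
         "message": "Provide a valid auth token."
     }
     auth_header = request.headers.get("Authorization")
     if not auth_header:
         return response_object, 403

     # A header without a second space-separated field (for example a bare
     # scheme name) previously raised IndexError and surfaced as a 500.
     # Reject it the same way as a missing header.
     header_fields = auth_header.split(" ")
     if len(header_fields) < 2:
         return response_object, 403
     auth_token = header_fields[1]

     # decode_token signals failure by returning a str message here; any
     # other return value is used as the user id.
     # NOTE(review): nothing in this wrapper checks the token type. Unless
     # decode_token rejects refresh tokens, a long-lived refresh token
     # would presumably authenticate protected views too - confirm.
     resp = UserModel.decode_token(auth_token)
     if isinstance(resp, str):
         response_object["message"] = resp
         return response_object, 401

     user = UserModel.find_by_id(_id=resp)
     if not user:
         return response_object, 401

     # Accounts whose latest confirmation record is missing or unconfirmed
     # are refused even when the token itself is valid.
     confirmation = user.most_recent_confirmation
     if not confirmation or not confirmation.confirmed:
         response_object[
             "message"] = "You have not confirmed registration. Please check your email."
         return response_object, 401
     return f(resp, *args, **kwargs)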
コード例 #3
 def test_decode_refresh_token(self):
     """A newly issued refresh token is bytes and decodes to the user's id."""
     account = TestUtils.add_user(**TestData.user_data_model_1)
     refresh_token = account.encode_token(account.id, "refresh")
     self.assertIsInstance(refresh_token, bytes)
     # NOTE(review): this pins only the id round-trip; it does not assert
     # that a refresh token is distinguishable from an access token.
     decoded_id = UserModel.decode_token(refresh_token)
     self.assertEqual(decoded_id, account.id)