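def post(self):
    """Authenticate a user by e-mail and password and issue a JWT.

    Reads ``email`` and ``password`` from ``self.reqparse()``. On success an
    HS256 token signed with ``app.config['SECRET_KEY']`` and valid for 30 days
    and 5 seconds is stored on the user record.

    Returns:
        A ``(body, status)`` tuple: 201 with the serialized user on success,
        404 when the credentials are rejected, 500 when creating or saving the
        token fails.
    """
    args = self.reqparse()
    user = UserModel.by(email=args.email)

    # An unknown e-mail gets the same answer as a wrong password. Without the
    # ``user is None`` guard the attribute access below would raise outside
    # the try block, and callers could tell registered addresses apart.
    # NOTE(review): assumes UserModel.by() returns None when nothing matches
    # -- confirm. No hash is computed for an unknown e-mail, so response time
    # can still differ between the two cases.
    if user is None or not check_password_hash(user.password, args.password):
        return rp(message='The passsword is incorrect'), 404

    # Take the clock once so 'iat' and 'exp' are derived from the same instant.
    issued_at = datetime.datetime.utcnow()
    jwt_payload = {
        'exp': issued_at + datetime.timedelta(days=30, seconds=5),
        'iat': issued_at,
        'sub': user.id,
    }
    try:
        token = jwt.encode(jwt_payload, app.config.get('SECRET_KEY'), algorithm='HS256')
        # PyJWT 1.x returns bytes and 2.x returns str; accept both.
        user.token = token.decode() if isinstance(token, bytes) else token
        err = user.update()
        if err is not None:
            raise err
        return rp(success=True, payload=user.serialize()), 201
    except Exception as e:
        # NOTE(review): str(e) goes back to the client and can expose internal
        # detail (driver or library messages); consider logging it server-side
        # and returning a fixed message instead.
        return rp(message=str(e)), 500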
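def jwt_required():
    """Reject the current request unless it carries a valid JWT.

    Requests whose path is listed in ``exclude`` pass without a token. For
    every other path the ``Authorization`` header value is verified against
    ``app.config['SECRET_KEY']`` and the user named by ``sub`` is looked up.

    Returns:
        ``None`` when the request may proceed, otherwise an ``rp(...)`` body
        describing why the token was rejected.
    """
    # Drops the first 7 characters (the length of "Bearer ") without checking
    # the scheme; a missing or malformed header is left to fail verification.
    authorization = request.headers.get('Authorization', '')[7:]
    path = request.path
    # Exact-match allowlist: any other spelling of these paths needs a token.
    exclude = ('/v1/auth/login', '/v1/auth/register', '/', '')
    if path in exclude:
        return None

    try:
        # Pin the accepted algorithm to the one used when the token is issued,
        # so the token header cannot choose how it is verified. PyJWT 2.x also
        # refuses to decode without an explicit ``algorithms`` list.
        payload = jwt.decode(
            authorization,
            app.config.get('SECRET_KEY'),
            algorithms=['HS256'],
        )
        # A well-signed token whose subject no longer exists is not accepted.
        # NOTE(review): assumes UserModel.by() returns None when nothing
        # matches -- confirm. The token saved on the user at login is not
        # compared here, so an older unexpired token stays valid; confirm
        # whether revocation is intended.
        if UserModel.by(id=payload['sub']) is None:
            return rp(message='Invalid token. Please log in again.')
    except jwt.ExpiredSignatureError:
        return rp(message='Signature expired. Please log in again.')
    except jwt.InvalidTokenError:
        return rp(message='Invalid token. Please log in again.')
    except Exception as e:
        # NOTE(review): str(e) is returned to the client and may expose
        # internal detail; none of these rejections sets an explicit HTTP
        # status -- confirm what rp() sends by default.
        return rp(message=str(e))
    return None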
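def current_identity():
    """Return the user identified by the JWT on the current request.

    The token is the ``Authorization`` header value after its first seven
    characters (the length of "Bearer "); the scheme itself is not checked.

    Returns:
        Whatever ``UserModel.by(id=...)`` yields for the token's ``sub`` claim.

    Raises:
        jwt.InvalidTokenError: The token is missing, malformed, expired, or
            fails signature verification.
        KeyError: The token carries no ``sub`` claim.
    """
    authorization = request.headers.get('Authorization', '')[7:]
    # Accept only the algorithm used when the token is issued, so the token
    # header cannot choose how it is verified. PyJWT 2.x also refuses to
    # decode without an explicit ``algorithms`` list.
    payload = jwt.decode(
        authorization,
        app.config.get('SECRET_KEY'),
        algorithms=['HS256'],
    )
    return UserModel.by(id=payload['sub'])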