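def request_token():
    """Authenticate with email and password and set the access-token cookie.

    Reads ``email`` and ``password`` from the JSON request body and hands
    them to ``User.authenticate``.

    Returns:
        ``Responses.OPERATION_FAILED()`` when the body is missing or is not
        a JSON object; ``Responses.AUTHENTICATION_FAILED()`` when
        authentication yields no user; ``Responses.UNCONFIRMED_USER()`` when
        the account's email is not confirmed (the confirmation email is sent
        again); otherwise the ``(response, status)`` pair from ``res()``
        with the access token set as a cookie.
    """
    payload = request.json
    # The body is untrusted: a JSON array or scalar has no .get(), so reject
    # anything that is not an object instead of failing with an AttributeError.
    if not isinstance(payload, dict):
        return Responses.OPERATION_FAILED()

    email = payload.get('email', None)
    password = payload.get('password', None)

    user = User.authenticate(email, password)
    # Check the authentication result before reading attributes from it: a
    # failed login yields a falsy `user`, and the confirmation check below
    # would otherwise raise instead of answering AUTHENTICATION_FAILED.
    if not user:
        return Responses.AUTHENTICATION_FAILED()

    # Only confirmed accounts get a token; unconfirmed ones are sent the
    # confirmation email again.
    if not user.email_confirmed:
        user.send_confirmation_email(user.email)
        return Responses.UNCONFIRMED_USER()

    token = create_access_token(identity=user.token_identity())
    response, status = res()
    # The token travels in a cookie, not in the response body.
    # NOTE(review): assuming these are Flask-JWT-Extended helpers, the
    # Secure/SameSite flags and CSRF double-submit protection come from its
    # configuration (JWT_COOKIE_SECURE, JWT_COOKIE_CSRF_PROTECT) - confirm
    # they are enabled for this deployment.
    set_access_cookies(response, token)
    return response, status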
def get_current_user():
    """Return the current user's details for the "my account" page.

    The email is derived from the JWT identity of the request; when no email
    can be derived, ``Responses.AUTHENTICATION_FAILED()`` is returned.

    Returns:
        The result of ``res(user.as_dict())``, described by the original
        author as a (json string, status) pair.
    """
    # NOTE(review): get_jwt_identity() presumably relies on the JWT having
    # been verified for this request already; no decorator is visible in this
    # excerpt - confirm the route is protected.
    email = User.get_email_from_identity(get_jwt_identity())
    if email:
        # NOTE(review): if get_user_by_email can return None for a still-valid
        # token (e.g. the account was removed after issue), as_dict() raises
        # here - verify against User.
        account = User.get_user_by_email(email)
        return res(account.as_dict())
    return Responses.AUTHENTICATION_FAILED()
def wrapper(*args, **kwargs):
    """Authenticate and authorise the caller, run the view, re-issue the token.

    Uses ``function`` (the wrapped view) and ``roles`` from the enclosing
    decorator, which lies outside this excerpt.

    Returns:
        ``Responses.AUTHENTICATION_FAILED()`` when JWT verification raises
        or no email can be derived from the token identity;
        ``Responses.AUTHORISATION_FAILED()`` when ``User.authorisation``
        rejects the email for ``roles``; otherwise the view's
        ``(response, status)`` with a newly created access token set on the
        response.
    """
    # NOTE(review): nesting reconstructed from a flattened listing - confirm
    # which statements belong under has_request_context(). As laid out here,
    # only the verification is guarded; check that the no-request-context
    # path fails closed.
    # Step 1: verify that the caller presents a valid token (is logged in).
    if has_request_context():
        try:
            verify_jwt_in_request()
        except Exception as e:
            # Any exception raised during verification is answered with
            # AUTHENTICATION_FAILED.
            # NOTE(review): print() only reaches stdout; a logger would keep
            # failed-verification events where they can be monitored.
            print(e)
            return Responses.AUTHENTICATION_FAILED()
    identity = get_jwt_identity()
    email = User.get_email_from_identity(identity)
    if not email:
        return Responses.AUTHENTICATION_FAILED()
    # TODO add check if email is activated
    # (until then, confirmation is enforced only at login in request_token)
    # Step 2: verify that the user holds one of the required roles.
    if not User.authorisation(email, roles):
        return Responses.AUTHORISATION_FAILED()
    # Assumes the wrapped view returns a (response, status) pair.
    response, status = function(*args, **kwargs)
    # Every authorised request gets a fresh access token.
    # NOTE(review): this keeps a session alive for as long as requests keep
    # arriving, including for a stolen cookie; no absolute session lifetime is
    # visible here - confirm one is enforced elsewhere.
    set_access_cookies(
        response,
        create_access_token(
            identity=User.generate_token_identity(email)))
    return response, status