Beispiel #1
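    def post(self):
        """
        POST /auth/authorize
        Refresh Token required in Authorization header

        Generates an Access Token from a Refresh Token.

        Responses produced by this handler:
            400 - no Authorization header was sent
            401 - validate_refresh_token reported an error, the token is not
                  found by get_refresh_token, or the stored token is revoked
            404 - the user referenced by the stored token does not exist
            200 - {"token": <access token>}
        """
        bearer_prefix = "Bearer "
        token = request.headers.get("Authorization")

        if token is None:
            return self.format_failure(400, "No Authorization Header provided")

        # The validator receives the raw header value, scheme included.
        error, _ = validate_refresh_token(token)

        if error is not None:
            # NOTE(review): the validator's message is returned to the client
            # verbatim; confirm it never carries internal detail.
            return self.format_failure(401, error)

        # Strip the scheme only when the header really starts with it. A
        # substring test ("Bearer " in token) would also accept values that
        # merely contain the word somewhere, and taking the last
        # space-separated piece could look up a different string than the
        # one that was validated above.
        if token.startswith(bearer_prefix):
            token = token[len(bearer_prefix):].strip()

        existing_token = get_refresh_token(token)
        if existing_token is None:
            return self.format_failure(401, "Invalid Token")

        # Revocation is checked against the stored record, not the presented
        # token, so a revoked refresh token cannot mint new access tokens.
        if existing_token.revoked:
            return self.format_failure(401, "Token Revoked")

        user = UserService.get_by_id(int(existing_token.user_id))
        if user is None:
            return self.format_failure(
                404, "User associated with token does not exist")

        # Claims come from the user record loaded just now, so the new access
        # token carries the role and tribe stored at refresh time.
        access_token = generate_access_token(user.id, user.tribe_id, user.role)

        return self.format_success(200, {"token": access_token})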
 def get(self):
     """Return the user whose id is given in the ``id`` query parameter.

     The value is read from ``request.args`` and handed to
     ``UserService.get_by_id`` without conversion or validation.
     """
     # NOTE(review): the id is caller-controlled and no authorization check
     # is visible in this method; confirm that one is applied elsewhere and
     # that get_by_id copes with a missing or non-numeric value.
     requested_id = request.args.get('id')
     return UserService.get_by_id(id=requested_id)
Beispiel #3
 def get(self, id):
     """Return the user record for *id*, as given by ``UserService.get_by_id``."""
     # NOTE(review): the result is returned as-is and no access check is
     # visible in this method; confirm the caller is allowed to read this
     # user and that the returned form exposes no sensitive fields.
     found_user = UserService.get_by_id(id=id)
     return found_user