예제 #1
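def login(request: _Parsed):
    """Authenticate a user from a JSON body and issue access/refresh tokens.

    Reads ``user`` and ``password`` from ``request.json``. The user name is
    stripped and lower-cased before lookup; the password is passed on as
    submitted.

    Raises:
        AppException: code 401 when either field is missing, empty or not a
            string, and code 401 when ``check_password_hash`` rejects the
            password.

    Returns:
        The ``json_response`` carrying ``success`` and the user's JSON form in
        the body, with the two tokens in the ``x-access-token`` and
        ``x-refresh-token`` response headers.
    """
    payload = request.json
    # A missing or non-object body (None, list, ...) must end in the 401
    # below, not in an AttributeError on ``.get``.
    if not hasattr(payload, "get"):
        payload = {}

    raw_user = payload.get("user", "")
    raw_password = payload.get("password", "")
    # The body is client-controlled: ``"user": null`` or a number would
    # otherwise crash on ``.strip()`` or reach the hash check as a non-string.
    user = raw_user.strip().lower() if isinstance(raw_user, str) else ""
    password = raw_password if isinstance(raw_password, str) else ""

    invalids = []
    if not user:
        invalids.append("username")
    if not password:
        invalids.append("password")
    if invalids:
        raise AppException(f"Invalid {' and '.join(invalids)}", code=401)

    # NOTE(review): what get_user_by_id does for an unknown user is not
    # visible here. Confirm it raises a 401 rather than returning None, and
    # that its response cannot be told apart from the "Incorrect Password"
    # one below, otherwise this endpoint reveals which user names exist.
    user_data = get_user_by_id(user)
    password_hash = user_data.password_hash
    if not check_password_hash(password_hash, password):
        raise AppException("Incorrect Password", code=401)

    username = user_data.user
    access_token = create_token(issue_access_token(username))
    # NOTE(review): the stored password hash is handed to
    # issue_refresh_token; confirm it is only used in derived form and never
    # lands in a token payload the client can read.
    refresh_token = create_token(issue_refresh_token(username, password_hash))

    return json_response(
        {"data": {
            "success": True,
            "user_data": user_data.as_json
        }},
        headers={
            "x-access-token": access_token,
            "x-refresh-token": refresh_token
        },
    )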
예제 #2
def create_password_verification_token(user: UserTable):
    """Build a password-verification token for *user*, valid for three hours.

    The claims are ``u`` (the user name), ``ch`` (``generate_password_hash``
    over the user name concatenated with the stored password hash) and
    ``exp`` (current time plus ``THREE_HOURS``).
    """
    username = user.user
    # Presumably ``ch`` ties the token to the current password so that it
    # stops verifying once the password changes -- confirm against the
    # code that checks this token.
    credential_binding = generate_password_hash(username + user.password_hash)
    expires_at = time() + THREE_HOURS
    claims = {"u": username, "ch": credential_binding, "exp": expires_at}
    return create_token(claims)
예제 #3
def re_authenticate(req: _Parsed):
    """Issue a fresh token pair when the presented access token no longer decodes.

    The access token comes from ``get_bearer_token`` on the Flask request
    headers and the refresh token from the ``x-refresh-token`` header;
    ``req`` itself is not read.

    Raises:
        AppException: "re-auth", code 401, when ``regenerate_access_token``
            yields no access token.

    Returns:
        A ``json_response`` with an empty body and the new tokens in the
        ``x-access-token`` / ``x-refresh-token`` headers, or ``None`` when
        the current access token still decodes.
    """
    request_headers = flask_request.headers
    current_access = decode_token(get_bearer_token(request_headers))
    if current_access is not None:
        # NOTE(review): nothing is returned on this path -- confirm the
        # caller copes with None when the access token is still valid.
        return None

    # NOTE(review): a missing header passes None to decode_token, and a
    # failed decode passes its result to regenerate_access_token; this
    # relies on both helpers rejecting such input -- confirm.
    refresh_claims = decode_token(request_headers.get("x-refresh-token"))
    new_access, new_refresh = regenerate_access_token(refresh_claims)
    if new_access is None:
        raise AppException("re-auth", code=401)

    rotated_headers = {
        "x-access-token": create_token(new_access),
        "x-refresh-token": create_token(new_refresh),
    }
    return json_response({}, headers=rotated_headers)
예제 #4
def create_email_verification_token(user: UserTable):
    """Build an email-verification token for *user*, valid for three hours.

    The claims are ``u`` (the user name), ``e`` (the user's email address)
    and ``exp`` (current time plus ``THREE_HOURS``). This function only
    builds the token and sends no mail.
    """
    # NOTE(review): the email address travels inside the token; whether
    # create_token only signs or also encrypts is not visible here, so
    # treat the address as readable by anyone holding the token -- confirm.
    expires_at = time() + THREE_HOURS
    claims = dict(u=user.user, e=user.email, exp=expires_at)
    return create_token(claims)