def get(self): auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): try: expert = Expert.query.all() contactsArr = [] for contact in expert: contactsArr.append(contact.toDict()) return jsonify(contactsArr) except Exception as e: responseObject = { 'status': 'fail', 'message': 'Some error occurred. Please try again.' } return make_response(jsonify(responseObject)), 401 else: return "Error" else: return "Error"
def __check_for_require_params(self,auth_token,mac_address,key_mod,key_ex): """ Check if the params is qualified :params auth_token mac_address public_key: :return user_id or responseObject: """ if not auth_token:#check if auth_token is available return CommonResponseObject.unauthorized_token_response() #get user_id and key from the auth_token user_id= User.decode_auth_token(auth_token) if isinstance(user_id,str):#check if user_id is valid return CommonResponseObject.unauthorized_token_response() if not mac_address: #check if mac_address is valid return CommonResponseObject.fail_response( 'Please provide your MAC address', status.HTTP_412_PRECONDITION_FAILED) #check if key is valid modulus, exponent = User.decode_public_key(auth_token) key = RSAPair.get_RSA_by_public(modulus) if not key:#check if key is existed return CommonResponseObject.response( 'Some errors occured, provided key does not exists') user = User.get_user_by_id(user_id) #retrieve the user entity if not user: #check if the user is existed return CommonResponseObject.unauthorized_token_response() #check if the mac_address is stored if DatabaseCheck.is_mac_address_existed(mac_address): if DatabaseCheck.is_root_by_mac(mac_address): return CommonResponseObject.fail_response( 'Your device is the root device', status.HTTP_202_ACCEPTED) return CommonResponseObject.fail_response( 'Your device is already authorized', status.HTTP_202_ACCEPTED) return user,key
def update(id, **kwargs): auth_header = request.headers.get('Authorization') access_token = auth_header.split(" ")[1] if access_token: user_id = User.decode_auth_token(access_token) if not isinstance(user_id, str): gotData = Expert.query.filter_by(id=id).first() if not gotData: return "Error" if request.method == 'PUT': obj = request.get_json() gotData.active = obj.get('active') # db.session.add(gotData) db.session.commit() response = { 'status': 'Success', 'result': { "id": gotData.id, "name": gotData.name, "nickname": gotData.nickname, "active": gotData.active }, 'message': "Updated successfully" } return make_response(jsonify(response)), 200 else: message = user_id response = { 'message': message } return make_response(jsonify(response)), 401
def post(self): post_data = request.get_json() if not post_data or not post_data.get('mac_address'): return CommonResponseObject.fail_response( 'Please provide your mac_address for deauthorization', status.HTTP_412_PRECONDITION_FAILED) auth_token = RequestUtils.get_access_token(request) user_id = User.decode_auth_token(auth_token) mac_address = post_data.get('mac_address') device = DeviceList.get_device_by_user_id_and_mac(user_id, mac_address) if not device: return CommonResponseObject.fail_response( 'Invalid authentication token',status.HTTP_401_UNAUTHORIZED) if device.root: return CommonResponseObject.fail_response( 'You are not able to deauthorize without decoding your files to raw', status.HTTP_403_FORBIDDEN) try: db.session.delete(device) db.session.commit() return CommonResponseObject.success_resp_with_mess( 'Your device is no longer authorized') except Exception: return CommonResponseObject.fail_response( 'Some errors occured, please try again')
def post(self): post_data = request.get_json() root_mac_address = post_data.get('root_mac_address') mac_address = post_data.get('mac_address') if not post_data or not mac_address or not root_mac_address: return CommonResponseObject.fail_response( 'Please provide your mac_address and the mac_address of device for root changing', status.HTTP_412_PRECONDITION_FAILED) auth_token = RequestUtils.get_access_token(request) user_id = User.decode_auth_token(auth_token) device = DeviceList.get_device_by_user_id_and_mac(user_id,mac_address) if not device: return CommonResponseObject.fail_response( 'Your provided mac_address is unathorized', status.HTTP_401_UNAUTHORIZED) root_device = DeviceList.get_device_by_user_id_and_mac(user_id,root_mac_address) if not root_device: return CommonResponseObject.fail_response( 'Your provided mac address of root device is invalid', status.HTTP_404_NOT_FOUND) if not root_device.root: return CommonResponseObject.fail_response( 'Your provided mac address of root device is unauthorized', status.HTTP_401_UNAUTHORIZED) try: device.root = True root_device.root = False db.session.save() db.session.commit() return CommonResponseObject.success_resp_with_mess( 'Your root device is changed successfully') except Exception: return CommonResponseObject.fail_response( 'Some errors occurred')
def __check_for_require_params(self,auth_token,mac_address,encrypted_key): """ Check if the params is qualified, return error json response if any requisite does not meet, else check and return user entity for the corresponding user id :params: :auth_token: :mac_address: :public_key: :return: :user_id: or :responseObject: """ if not auth_token: # Check if the auth_token is valid return CommonResponseObject.unauthorized_token_response() user_id = User.decode_auth_token(auth_token) if isinstance(user_id,str): # Check if user_id is provided return CommonResponseObject.unauthorized_token_response() if not isinstance(mac_address,str): # Check if mac address is provided return CommonResponseObject.fail_response( 'Please provide your Mac address', status.HTTP_412_PRECONDITION_FAILED) if not encrypted_key:#check if encrypted_key is provided return CommonResponseObject.fail_response( 'Please provide your encrypted key for authorization', status.HTTP_412_PRECONDITION_FAILED) user = User.get_user_by_id(user_id) #get user from the database if not user:#if user is not available return CommonResponseObject.unauthorized_token_response() return user
def post(self): # get the post data auth_token = UserAPI.get_user_token(request) post_data = request.get_json() if auth_token: user_id = User.decode_auth_token(auth_token) if not isinstance(user_id, str): try: self.add_post_to_database(post_data, user_id) responseObject = { 'status': 'success', 'message': 'Added new post.' } return make_response(jsonify(responseObject)), 200 except: responseObject = { 'status': 'fail', 'message': 'Could not create post.' } return make_response(jsonify(responseObject)), 401 responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def decorated(*args, **kwargs): auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: decoded_data = User.decode_auth_token(auth_token) if not isinstance(decoded_data, str): token_response, user = decoded_data[0], decoded_data[1] return view_func(*args, **kwargs, user=user, token_response=token_response) responseObject = { 'status': 'fail', 'message': decoded_data } return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def _handle_request_with_authorisation_token(*args, **kwargs): # get the auth token auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): user = User.query.filter_by(id=resp).first() return func(user=user, *args, **kwargs) responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def get(self): # get the auth token auth_header = request.headers.get('Authorization') if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): user = User.query.filter_by(id=resp).first() responseObject = { 'status': 'success', 'data': { 'user_id': user.id, 'email': user.email, 'admin': user.admin, 'registered_on': user.registered_on } } return make_response(jsonify(responseObject)), 200 responseObject = { 'status': 'fail', 'message': resp } return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def test_decode_auth_token(self): user = User(email='*****@*****.**', password='******') db.session.add(user) db.session.commit() auth_token = user.encode_auth_token(user.id) decoded = User.decode_auth_token(auth_token) self.assertEqual(user.id, decoded)
def get(self): # get the auth token auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): #result = ExpenseList.query.with_entities(ExpenseList.name, ExpenseList.money_spent).filter_by(user_id=resp).all() #return make_response(jsonify(result)),200 #return make_response(jsonify([i.serialize for i in query.all()])),200 query = ExpenseList.query.filter_by(user_id=resp) return make_response( jsonify([i.graph_data for i in query.all()])), 200 responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def post(self): # get auth token auth_header = request.headers.get("Authorization") if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = "" if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): # mark the token as blacklisted blacklist_token = BlacklistToken(token=auth_token) try: # insert the token db.session.add(blacklist_token) db.session.commit() responseObject = { "status": "success", "message": "Successfully logged out.", } return make_response(jsonify(responseObject)), 200 except Exception as e: responseObject = {"status": "fail", "message": e} return make_response(jsonify(responseObject)), 200 else: responseObject = {"status": "fail", "message": resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { "status": "fail", "message": "Provide a valid auth token.", } return make_response(jsonify(responseObject)), 403
def get(self, user_id): # get the auth token auth_token = UserAPI.get_user_token(request) if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): responseObject = UserAPI.get_user_by_id(resp) if responseObject['data']['is_superuser']: responseObject = UserAPI.get_user_by_id(user_id) # deleting unrequested data del responseObject['data']['user_id'] del responseObject['data']['is_superuser'] else: responseObject = { 'status': 'fail', 'message': 'Access denied.' } return make_response(jsonify(responseObject)), 403 return make_response(jsonify(responseObject)), 200 responseObject = { 'status': 'fail', 'message': resp } return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def post(self): auth_token = get_token() if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): # mark the token as blacklisted blacklist_token = BlacklistToken(token=auth_token) try: # insert the token db.session.add(blacklist_token) db.session.commit() responseObject = { 'status': 'exito', 'message': 'Cierre de sesion exitoso' } return make_response(jsonify(responseObject)) except Exception as e: responseObject = {'status': 'Error', 'message': e} return make_response(jsonify(responseObject)) else: responseObject = {'status': 'Error', 'message': resp} return make_response(jsonify(responseObject)) else: responseObject = {'status': 'Error', 'message': 'Token invalido'} return make_response(jsonify(responseObject))
def test_decode_auth_token(self): user = User(email='*****@*****.**', password='******') db.session.add(user) db.session.commit() auth_token = user.encode_auth_token(user.id) self.assertTrue(isinstance(auth_token, bytes)) self.assertTrue(User.decode_auth_token(auth_token) == 1)
def delete(): # get the put data put_data = request.get_json() # get the auth token auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): user = User.query.filter_by(id=resp).first() db.session.delete(user) db.session.commit() responseObject = {'status': 'success'} return make_response(jsonify(responseObject)), 200 responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def post(self): # get auth token auth_header = request.headers.get('Authorization') if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): # mark the token as blacklisted blacklist_token = BlacklistToken(token=auth_token) try: # insert the token db.session.add(blacklist_token) db.session.commit() responseObject = { 'status': 'success', 'message': 'Successfully logged out.' } return make_response(jsonify(responseObject)), 200 #OK except Exception as e: responseObject = {'status': 'fail', 'message': e} return make_response(jsonify(responseObject)), 200 #OK else: responseObject = {'status': 'fail', 'message': resp} return make_response( jsonify(responseObject)), 401 #Unauthorized else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 403 #Forbidden
def __check_for_require_params(self, auth_token, mac_address, otp_modulus, otp_exponent, main_key, backup_key): """ Check if the params is qualified :params auth_token mac_address public_key: :return user_id or responseObject: """ if not auth_token: return CommonResponseObject.unauthorized_token_response() user_id = User.decode_auth_token(auth_token) if not main_key: return CommonResponseObject.fail_response( 'Please provide the main key', status.HTTP_412_PRECONDITION_FAILED) if not backup_key: return CommonResponseObject.fail_response( 'Please provide the backup_key', status.HTTP_412_PRECONDITION_FAILED) if isinstance(user_id, str): return CommonResponseObject.unauthorized_token_response() if not isinstance(mac_address, str): return CommonResponseObject.fail_response( 'Please provide your Mac address', status.HTTP_412_PRECONDITION_FAILED) user = User.get_user_by_id(user_id) if not user: return CommonResponseObject.unauthorized_token_response() if DatabaseCheck.is_mac_address_existed(mac_address): return CommonResponseObject.fail_response( 'Your device is the root device or already requested for authorization', status.HTTP_202_ACCEPTED) return user
def get(self, user_id): # get the auth token auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): authenticated_user = User.query.filter_by(id=resp).first() responseObject = self.successful_response_object( authenticated_user, user_id) return make_response(jsonify(responseObject)), 200 responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def post(self, ticketID): auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): post_data = request.get_json() ticket = Ticket.query.filter_by(id=ticketID).first() comment = Comment(email=post_data.get('email'), comment=post_data.get('comment')) ticket.ticketComments.append(comment) db.session.commit() responseObject = { 'status': 'success', 'message': 'Comment successfully added!' } return make_response(jsonify(responseObject)), 201 responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def get(self): auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): days = request.args.get('filter_type') current_time = datetime.datetime.now() target_time = datetime.datetime.now() - datetime.timedelta( days=int(days)) expense_list = ExpenseList.query.filter( ExpenseList.created_on <= current_time).filter( ExpenseList.created_on >= target_time).filter_by( user_id=resp) return make_response( jsonify([i.serialize for i in expense_list.all()])), 200 responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def post(self): # get auth token auth_header = request.headers.get('Authorization') if (auth_header is not None) and (' ' in auth_header): auth_token = auth_header.split(" ")[1] else: auth_token = auth_header if auth_token: resp = User.decode_auth_token(auth_token) if isinstance(resp, str) and ('Signature expired' not in resp) and ('Token blacklisted' not in resp): # mark the token as blacklisted blacklist_token = BlacklistToken(token=auth_token) try: # insert the token blacklist_token.save() responseObject = { 'status': 'success', 'message': 'Successfully logged out.' } return make_response(jsonify(responseObject)), 200 except Exception as e: responseObject = {'status': 'fail', 'message': e} return make_response(jsonify(responseObject)), 200 else: responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 403
def delete(self, ticketID): auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): comments = Ticket.query.filter_by( id=ticketID).first().ticketComments for c in comments: db.session.delete(c) Ticket.query.filter_by(id=ticketID).delete() db.session.commit() responseObject = { 'status': 'success', 'message': 'Ticket successfully deleted!' } return make_response(jsonify(responseObject)), 201 responseObject = {'status': 'fail', 'message': resp} return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401
def parse_token_data(auth_token, token_type="access"): token_data = User.decode_auth_token(auth_token, token_type) return { "issued_at": datetime.utcfromtimestamp(token_data['iat']).isoformat('T', 'milliseconds')+ 'Z', "expires_at": datetime.utcfromtimestamp(token_data['exp']).isoformat('T', 'milliseconds')+ 'Z', }
def __init__(self, header: str): if header: authorization = header.split(" ") if (len(authorization) != 2): self.error = APIError.TOKEN_NOT_PROVIDED return else: token = authorization[1] else: token = '' if token: if not Token.is_present(token): self.error = APIError.TOKEN_NOT_PRESENT return elif Token.is_blacklisted(token): self.error = APIError.TOKEN_BLACKLISTED return else: user_id, error = User.decode_auth_token(token) if error: self.error = APIError.TOKEN_NOT_DECODED return try: user = User.query.filter_by(id=user_id).first() except Exception: self.error = APIError.UNKNOWN_EXCEPTION return if user: self.token = token self.user = user else: self.error = APIError.NO_USER_FOR_TOKEN else: self.error = APIError.TOKEN_NOT_PROVIDED
def get(self): auth_header = request.headers.get('Authorization') if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): try: user = User.query.filter_by(id=resp).first() results = [ self.to_dict(entry) for entry in Entry.query.filter_by(user_id=user.id). order_by(Entry.created_on.desc()).all() ] response_object = { 'status': 'success', 'message': 'retrieved entries', 'results': results } return make_response(jsonify(response_object)), 200 except Exception as e: response_object = {'status': 'fail', 'message': e} return make_response(jsonify(response_object)), 200 else: response_object = {'status': 'fail', 'message': resp} return make_response(jsonify(response_object)), 401 else: response_object = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(response_object)), 403
def post(self): auth_header = request.headers.get('Authorization') if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): try: user = User.query.filter_by(id=resp).first() post_data = request.get_json() if all([ post_data.get('text'), post_data.get('url'), post_data.get('title') ]): entry = Entry(user_id=user.id, text=post_data.get('text'), keywords=post_data.get('keywords', None), url=post_data.get('url'), title=post_data.get('title')) db.session.add(entry) db.session.commit() response_object = { 'user_id': user.id, 'text': entry.text, 'keywords': entry.keywords, 'url': entry.url, 'title': entry.title, 'created_on': entry.created_on.strftime('%m/%d/%Y'), 'status': 'success', 'message': 'created new entry' } else: return make_response( jsonify({ 'status': 'fail', 'message': 'Please provide url, title, and text' })) return make_response(jsonify(response_object)), 200 except Exception as e: response_object = {'status': 'fail', 'message': e} return make_response(jsonify(response_object)), 200 else: response_object = {'status': 'fail', 'message': resp} return make_response(jsonify(response_object)), 401 else: response_object = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(response_object)), 403
def test_decode_auth_token(self): user = User(email="*****@*****.**", password="******") db.session.add(user) db.session.commit() auth_token = user.encode_auth_token(user.id) self.assertTrue(isinstance(auth_token, bytes)) self.assertTrue(User.decode_auth_token(auth_token.decode("utf-8")) == 1)
def test_decode_auth_token(self): user = test_user() db.session.add(user) db.session.commit() auth_token = user.encode_auth_token(user.id) self.assertTrue(isinstance(auth_token, bytes)) self.assertTrue( User.decode_auth_token(auth_token.decode("utf-8")) == 1)
def test_decode_auth_token(self): user = User( email='*****@*****.**', password='******' ) db.session.add(user) db.session.commit() auth_token = user.encode_auth_token(user.id) self.assertTrue(isinstance(auth_token, bytes)) self.assertTrue(User.decode_auth_token( auth_token.decode("utf-8") ) == 1)
def post(self): # get auth token auth_header = request.headers.get('Authorization') if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): # mark the token as blacklisted blacklist_token = BlacklistToken(token=auth_token) try: # insert the token db.session.add(blacklist_token) db.session.commit() responseObject = { 'status': 'success', 'message': 'Successfully logged out.' } return make_response(jsonify(responseObject)), 200 except Exception as e: responseObject = { 'status': 'fail', 'message': e } return make_response(jsonify(responseObject)), 200 else: responseObject = { 'status': 'fail', 'message': resp } return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 403
def get(self): # get the auth token auth_header = request.headers.get('Authorization') if auth_header: try: auth_token = auth_header.split(" ")[1] except IndexError: responseObject = { 'status': 'fail', 'message': 'Bearer token malformed.' } return make_response(jsonify(responseObject)), 401 else: auth_token = '' if auth_token: resp = User.decode_auth_token(auth_token) if not isinstance(resp, str): user = User.query.filter_by(id=resp).first() responseObject = { 'status': 'success', 'data': { 'user_id': user.id, 'email': user.email, 'admin': user.admin, 'registered_on': user.registered_on } } return make_response(jsonify(responseObject)), 200 responseObject = { 'status': 'fail', 'message': resp } return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'Provide a valid auth token.' } return make_response(jsonify(responseObject)), 401