def register_logging_callbacks(jwt: JWTManager):
"""
Register callbacks which emit logs to the flowapi's access log and return
the result from the default callback.
Registers callbacks for:
- expired tokens
- tampered tokens
- invalid tokens
- revoked tokens
- blacklisted tokens
- unauthorised access
Parameters
----------
jwt : JWTManager
JWT manager to register callbacks for
Returns
-------
JWTManager
The JWT manager wth the registered callbacks
"""
jwt.expired_token_loader(expired_token_callback)
jwt.claims_verification_failed_loader(claims_verification_failed_callback)
jwt.invalid_token_loader(invalid_token_callback)
jwt.revoked_token_loader(revoked_token_callback)
jwt.unauthorized_loader(unauthorized_callback)
return jwt
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "change_me"
app.config["JWT_TOKEN_LOCATION"] = ["cookies", "headers"]
app.config["JWT_COOKIE_CSRF_PROTECT"] = True
JWTManager(app)
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
JWTManager(app)
@app.route("/protected", methods=["GET"])
@jwt_required
async def protected():
return jsonify(foo="bar")
@app.route("/fresh_protected", methods=["GET"])
@fresh_jwt_required
async def fresh_protected():
return jsonify(foo="bar")
@app.route("/refresh_protected", methods=["GET"])
@jwt_refresh_token_required
async def refresh_protected():
return jsonify(foo="bar")
@app.route("/optional_protected", methods=["GET"])
@jwt_optional
async def optional_protected():
if get_jwt_identity():
return jsonify(foo="baz")
else:
return jsonify(foo="bar")
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
JWTManager(app)
@app.route("/protected", methods=["GET"])
@jwt_required
async def access_protected():
return jsonify(foo="bar")
return app
def create_app():
app = Quart(__name__)
app.config.from_mapping(get_config())
jwt = JWTManager(app)
app.before_serving(connect_logger)
app.before_serving(create_db)
app.before_request(add_uuid)
app.before_request(connect_zmq)
app.teardown_request(close_zmq)
@app.route("/")
async def root():
return ""
app.register_blueprint(query_endpoints_blueprint, url_prefix="/api/0")
app.register_blueprint(geography_blueprint, url_prefix="/api/0")
app.register_blueprint(spec_blueprint, url_prefix="/api/0/spec")
register_logging_callbacks(jwt)
jwt.user_loader_callback_loader(user_loader_callback)
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
JWTManager(app)
@app.route("/protected", methods=["GET"])
@jwt_required
async def get_claims():
return jsonify(get_raw_jwt_header())
@app.route("/protected2", methods=["GET"])
@jwt_refresh_token_required
async def get_refresh_claims():
return jsonify(get_raw_jwt_header())
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
JWTManager(app)
@app.route("/get_user1", methods=["GET"])
@jwt_required
async def get_user1():
return jsonify(foo=get_current_user()["username"])
@app.route("/get_user2", methods=["GET"])
@jwt_required
async def get_user2():
return jsonify(foo=current_user["username"])
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
app.config["JWT_TOKEN_LOCATION"] = "json"
JWTManager(app)
@app.route("/protected", methods=["POST"])
@jwt_required
async def access_protected():
return jsonify(foo="bar")
@app.route("/refresh", methods=["POST"])
@jwt_refresh_token_required
async def refresh_protected():
return jsonify(foo="bar")
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
app.config["JWT_BLACKLIST_ENABLED"] = True
JWTManager(app)
@app.route("/protected", methods=["GET"])
@jwt_required
async def access_protected():
return jsonify(foo="bar")
@app.route("/refresh_protected", methods=["GET"])
@jwt_refresh_token_required
async def refresh_protected():
return jsonify(foo="bar")
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
app.config["JWT_TOKEN_LOCATION"] = [
"headers", "cookies", "query_string", "json"
]
JWTManager(app)
@app.route("/cookie_login", methods=["GET"])
async def cookie_login():
resp = jsonify(login=True)
access_token = create_access_token("username")
set_access_cookies(resp, access_token)
return resp
@app.route("/protected", methods=["GET", "POST"])
@jwt_required
async def access_protected():
return jsonify(foo="bar")
return app
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "secret"
JWTManager(app)
@app.route("/jwt_required", methods=["GET", "OPTIONS"])
@jwt_required
async def jwt_required_endpoint():
return b"ok"
@app.route("/fresh_jwt_required", methods=["GET", "OPTIONS"])
@fresh_jwt_required
async def fresh_jwt_required_endpoint():
return b"ok"
@app.route("/jwt_refresh_token_required", methods=["GET", "OPTIONS"])
@jwt_refresh_token_required
async def jwt_refresh_token_required_endpoint():
return b"ok"
return app
from quart import Quart, jsonify, request
from quart_jwt_extended import JWTManager, jwt_required, create_access_token
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "super-secret" # Change this!
jwt = JWTManager(app)
# Using the expired_token_loader decorator, we will now call
# this function whenever an expired but otherwise valid access
# token attempts to access an endpoint
@jwt.expired_token_loader
def my_expired_token_callback(expired_token):
token_type = expired_token["type"]
return (
{
"status": 401,
"sub_status": 42,
"msg": "The {} token has expired".format(token_type),
},
401,
)
@app.route("/login", methods=["POST"])
async def login():
username = (await request.get_json()).get("username", None)
password = (await request.get_json()).get("password", None)
if username != "test" or password != "test":
return {"msg": "Bad username or password"}, 401
def app():
app = Quart(__name__)
app.config["JWT_SECRET_KEY"] = "foobarbaz"
app.config["JWT_TOKEN_LOCATION"] = ["cookies"]
JWTManager(app)
@app.route("/access_token", methods=["GET"])
async def access_token():
resp = jsonify(login=True)
access_token = create_access_token("username")
set_access_cookies(resp, access_token)
return resp
@app.route("/refresh_token", methods=["GET"])
async def refresh_token():
resp = jsonify(login=True)
refresh_token = create_refresh_token("username")
set_refresh_cookies(resp, refresh_token)
return resp
@app.route("/delete_tokens", methods=["GET"])
async def delete_tokens():
resp = jsonify(logout=True)
unset_jwt_cookies(resp)
return resp
@app.route("/delete_access_tokens", methods=["GET"])
async def delete_access_tokens():
resp = jsonify(access_revoked=True)
unset_access_cookies(resp)
return resp
@app.route("/delete_refresh_tokens", methods=["GET"])
async def delete_refresh_tokens():
resp = jsonify(refresh_revoked=True)
unset_refresh_cookies(resp)
return resp
@app.route("/protected", methods=["GET"])
@jwt_required
async def protected():
return jsonify(foo="bar")
@app.route("/post_protected", methods=["POST"])
@jwt_required
async def post_protected():
return jsonify(foo="bar")
@app.route("/refresh_protected", methods=["GET"])
@jwt_refresh_token_required
async def refresh_protected():
return jsonify(foo="bar")
@app.route("/post_refresh_protected", methods=["POST"])
@jwt_refresh_token_required
async def post_refresh_protected():
return jsonify(foo="bar")
@app.route("/optional_post_protected", methods=["POST"])
@jwt_optional
async def optional_post_protected():
return jsonify(foo="bar")
return app
def app():
app = Quart(__name__)
JWTManager(app)
return app
