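def add_claims_to_access_token(identity):
    """Build the extra claims embedded in an access token for a user.

    Args:
        identity: Primary key of the user, passed to UserModel.find_by_id.

    Returns:
        A dict with the keys 'user' (the identity as given), 'company_id'
        and 'roles' (a list of role names).

    Raises:
        AttributeError: If find_by_id returns None for this identity
            (unchanged from the original behaviour).
    """
    # Load the user once. The original queried twice, which costs an extra
    # round trip and lets company_id and roles come from two different reads.
    user = UserModel.find_by_id(_id=identity)

    # NOTE(review): these values are a snapshot taken when the token is
    # issued. If any endpoint authorizes from the 'roles' or 'company_id'
    # claim instead of re-reading the database, a role or company change only
    # takes effect once the token is reissued or expires. Confirm against the
    # callers and the token lifetime.
    return {
        'user': identity,
        'company_id': user.company_id,
        'roles': [role.name for role in user.roles],
    }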
def delete(cls, user_id: int):
    """Delete the user identified by ``user_id``.

    Args:
        user_id: Primary key handed to UserModel.find_by_id.

    Returns:
        ({"message": USER_NOT_FOUND}, 404) when the lookup yields nothing,
        otherwise ({"message": USER_DELETED}, 200) after delete_from_db().
    """
    # NOTE(review): no authorization check is visible in this block. Any
    # decorators (JWT requirement, role or company scoping) are not shown in
    # this listing. Confirm that only a suitably privileged caller can reach
    # this handler, and that tokens already issued to the deleted user are
    # revoked or rejected elsewhere.
    target = UserModel.find_by_id(user_id)
    if target:
        target.delete_from_db()
        return {"message": USER_DELETED}, 200
    return {"message": USER_NOT_FOUND}, 404
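def get(cls):
    """Return the profile of the user identified by the current JWT.

    Returns:
        A dict with "user" (user_schema dump), "jti" (the token's JWT ID) and
        "roles" (list of role names), or ({"message": USER_NOT_FOUND}, 404)
        when the token's identity no longer maps to a user.
    """
    # jti is "JWT ID", a unique identifier for a JWT.
    jti = get_raw_jwt()["jti"]
    user_id = get_jwt_identity()
    user = UserModel.find_by_id(_id=user_id)

    # A token can outlive its account (for example after the user has been
    # deleted). Answer like the sibling handlers instead of failing with an
    # AttributeError on None.
    if not user:
        return {"message": USER_NOT_FOUND}, 404

    # The original also bound user.company to a local that was never read;
    # that unused local has been dropped.
    roles = [role.name for role in user.roles]
    return {"user": user_schema.dump(user), "jti": jti, "roles": roles}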
def post(cls):
    """Change the authenticated user's password and issue new tokens.

    The request JSON is validated with new_password_schema. The current
    password ('password') must match before 'new_password' is stored.

    Returns:
        A 400 JSON response carrying the validation errors, or
        ({"message": INVALID_CREDENTIALS, 'login': False}, 401) when the user
        is missing or the current password is wrong, or (response, 200) with
        fresh access and refresh cookies set on success.
    """
    payload = request.get_json()
    current_id = get_jwt_identity()
    account = UserModel.find_by_id(current_id)

    validation_errors = new_password_schema.validate(payload)
    if validation_errors:
        bad_request = jsonify({'errors': validation_errors, "status": 400})
        bad_request.status_code = 400
        return bad_request

    # Guard clause: unknown account or wrong current password.
    if not (account and account.check_password(payload['password'])):
        return {"message": INVALID_CREDENTIALS, 'login': False}, 401

    account.set_password(payload['new_password'])
    account.save_to_db()

    new_access = create_access_token(identity=account.id, fresh=True)
    new_refresh = create_refresh_token(account.id)
    access_claims = decode_token(new_access)

    # NOTE(review): only the new access token's jti is recorded here. The new
    # refresh token is not stored, and nothing in this block marks tokens
    # issued before the password change as blacklisted. Confirm that older
    # sessions are revoked elsewhere; otherwise a token obtained before the
    # change stays usable until it expires.
    token_row = token_schema.load({
        "jti": access_claims["jti"],
        "token_type": 'access',
        "fresh": True,
        "blacklisted": False,
        "never_expire": False,
    })
    token_row.user_id = account.id
    # NOTE(review): fromtimestamp() without tz yields naive local time.
    # Confirm the token store expects that rather than UTC.
    token_row.expiration_date = datetime.fromtimestamp(access_claims['exp'])
    token_row.save_to_db()

    reply = jsonify({
        "message": "Successfully set a new password",
        "login": True
    })
    set_access_cookies(reply, new_access)
    set_refresh_cookies(reply, new_refresh)
    return reply, 200
def get_company_from_request():
    """Return the company_id of the user named by the current request's JWT.

    The company is read from the user row at call time, not from a token
    claim.

    Raises:
        AttributeError: If find_by_id returns None for the token's identity.
    """
    # jti is "JWT ID", a unique identifier for a JWT. The value is not used
    # further; the lookup is kept so a payload without "jti" still fails here.
    _ = get_raw_jwt()["jti"]
    current_user = UserModel.find_by_id(_id=get_jwt_identity())
    return current_user.company_id
def get(cls, user_id):
    """Return the serialized user with the given id.

    Args:
        user_id: Primary key handed to UserModel.find_by_id.

    Returns:
        (user_schema.dump(user), 200) when the user exists, otherwise
        ({"message": USER_NOT_FOUND}, 404).
    """
    # NOTE(review): the id is supplied by the caller, and no ownership or
    # company check is visible in this block. Decorators are not shown in
    # this listing. Confirm that a caller cannot read users outside their own
    # scope by varying user_id.
    found = UserModel.find_by_id(user_id)
    if found:
        return user_schema.dump(found), 200
    return {"message": USER_NOT_FOUND}, 404