Exemplo n.º 1
def resp_with_access_token(response, access_token):
    """Attach the access token to *response* as an HttpOnly cookie.

    The cookie's Secure flag, domain and lifetime are all read from the
    'api' configuration section. The same response object is returned so
    the call can be chained.
    """
    cookie_domain = get_config('api', 'jwt.domain') or None
    # Secure is configuration-driven: when 'jwt.secure' is falsy the token
    # cookie is also sent over plain HTTP.
    secure_flag = get_config('api', 'jwt.secure')
    issued_at = datetime.datetime.utcnow()
    lifetime = datetime.timedelta(seconds=get_config('api', 'jwt.exp'))
    # NOTE(review): no SameSite attribute is passed here, so the browser's
    # default applies -- confirm CSRF protection is handled elsewhere.
    response.set_cookie(key='access_token',
                        value=access_token,
                        secure=secure_flag,
                        httponly=True,  # keep the token out of reach of page scripts
                        expires=issued_at + lifetime,
                        domain=cookie_domain)
    return response
Exemplo n.º 2
def get_access_token(user_id):
    """Return a signed JWT carrying *user_id* and an expiry claim.

    The token is signed with HS256 using the shared secret from the 'api'
    configuration; its lifetime in seconds comes from 'jwt.exp'.
    """
    now = datetime.datetime.utcnow()
    ttl = datetime.timedelta(seconds=get_config('api', 'jwt.exp'))
    claims = {'exp': now + ttl, 'user_id': user_id}
    # HS256 is symmetric: the same secret signs and verifies, so every
    # component that can read 'jwt.secret' can also mint tokens.
    signing_key = get_config('api', 'jwt.secret')
    return jwt.encode(claims, signing_key, algorithm='HS256')
Exemplo n.º 3
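def get_payload(access_token):
    """Verify *access_token* and return its decoded claims.

    The signature is checked with the shared secret from the 'api'
    configuration and only HS256-signed tokens are accepted.

    Returns:
        The decoded payload, which is guaranteed to contain 'user_id'.

    Raises:
        TokenExpired: the token's 'exp' claim is in the past.
        TokenInvalid: the token is malformed, fails verification, uses an
            algorithm other than HS256, or carries no 'user_id' claim.
    """
    try:
        # PyJWT's decode() takes the accepted algorithms as the plural
        # `algorithms` list. The singular `algorithm=` keyword is not that
        # parameter, so it never pinned the algorithm; newer PyJWT releases
        # refuse to verify at all when `algorithms` is missing.
        payload = jwt.decode(access_token,
                             get_config('api', 'jwt.secret'),
                             algorithms=['HS256'])
        if not payload or 'user_id' not in payload:
            raise TokenInvalid()
        return payload
    except ExpiredSignatureError:
        raise TokenExpired()
    except (DecodeError, jwt.InvalidTokenError):
        # With the allow-list enforced, a token signed with another algorithm
        # raises an InvalidTokenError subclass that is not a DecodeError;
        # report it as an invalid token instead of letting it escape.
        raise TokenInvalid()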