Exemplo n.º 1
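    def post(self):
        """Validate credentials and return access and refresh tokens on success.

        Expects a JSON object body with "email" and "password" string fields.
        Aborts with 400 when the body is not a JSON object or a credential
        field is missing or not a string, and with 401 when the credentials
        do not match a user.

        Returns:
            A ``(body, 200)`` tuple whose body holds "access_token" and
            "refresh_token".
        """
        payload = request.get_json()
        # get_json() can yield None or a non-object JSON value (list, string);
        # reject those here instead of failing with AttributeError on .get().
        if not isinstance(payload, dict):
            namespace.abort(400, "Request body must be a JSON object")

        email = payload.get("email")
        password = payload.get("password")
        # Never hand None or a non-string to the lookup or the password check.
        if not isinstance(email, str) or not isinstance(password, str):
            namespace.abort(400, "Email and password are required")

        user = get_user_by_email(email)
        # A single branch and a single message cover both "unknown email" and
        # "wrong password", so the response body does not reveal which one
        # failed.
        # NOTE(review): check_password is skipped for unknown emails, so the
        # response time may still differ between the two cases; no attempt
        # throttling is visible in this handler. Confirm both are handled
        # elsewhere.
        if not user or not user.check_password(password):
            namespace.abort(
                401,
                f"User with given email {email} or password does not exists")

        # encode_token's result is decoded to str so it can be serialised
        # in the JSON response.
        access_token = User.encode_token(user.id, "access").decode()
        refresh_token = User.encode_token(user.id, "refresh").decode()

        return {
            "access_token": access_token,
            "refresh_token": refresh_token
        }, 200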
Exemplo n.º 2
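    def post(self):
        """Issue a new access/refresh token pair from a refresh token.

        Expects a JSON object body with a "refresh_token" field. Aborts with
        400 when the body is not a JSON object, and with 401 when the token
        is expired, invalid, or refers to a user that no longer exists.

        Returns:
            A ``(body, 200)`` tuple whose body holds "access_token" and
            "refresh_token".
        """
        payload = request.get_json()
        # get_json() can yield None or a non-object JSON value; reject those
        # here instead of failing with AttributeError on .get().
        if not isinstance(payload, dict):
            namespace.abort(400, "Request body must be a JSON object")

        refresh_token = payload.get("refresh_token")

        # Keep the try body to the one call expected to raise JWT errors.
        # NOTE(review): only the user id comes back from decode_token here.
        # If decode_token does not itself check the token type, an access
        # token would be accepted on this endpoint; confirm in
        # User.decode_token.
        try:
            user_id = User.decode_token(refresh_token)
        except jwt.ExpiredSignatureError:
            # ExpiredSignatureError is the canonical name; the
            # ExpiredSignature alias is not available in newer PyJWT releases.
            namespace.abort(401, "Token expired")
        except jwt.InvalidTokenError:
            namespace.abort(401, "Invalid token")

        user = get_user_by_id(user_id)
        if not user:
            # The token verified but its subject is gone; answer exactly as
            # for an invalid token.
            namespace.abort(401, "Invalid token")

        # NOTE(review): the presented refresh token is not revoked here, so
        # it stays usable until it expires unless revocation happens
        # elsewhere. Confirm.
        access_token = User.encode_token(user.id, "access").decode()
        refresh_token = User.encode_token(user.id, "refresh").decode()

        return {
            "access_token": access_token,
            "refresh_token": refresh_token
        }, 200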
Exemplo n.º 3
def test_encode_access_token(test_app, test_database, add_user):
    """Encoding an access token for a fresh user yields a bytes value."""
    created_user = add_user("aaa", "*****@*****.**", "xyz")
    access_token = User.encode_token(created_user.id, "access")
    # The handlers call .decode() on this value, so it must be bytes.
    assert isinstance(access_token, bytes)
Exemplo n.º 4
def test_decode_refresh_token(test_app, test_database, add_user):
    """A refresh token round-trips: decoding it returns the user's id."""
    created_user = add_user("aaa", "*****@*****.**", "xyz")
    encoded = User.encode_token(created_user.id, "refresh")
    assert isinstance(encoded, bytes)
    # decode_token must recover the same id that was encoded into the token.
    decoded_id = User.decode_token(encoded)
    assert decoded_id == created_user.id