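def __call__(self, form, field):
    """Check that the submitted issuer code names an active account of the user.

    The user is looked up from ``form.email`` when the form has that field,
    and is replaced by the user named in the ``email`` claim of the token in
    ``form.key`` when the form has that field. An empty issuer skips every
    check.

    Raises:
        ValidationError: the issuer code matches no account, the account is
            inactive, or no user was resolved / the user is not linked to it.
    """
    issuer = field.data
    user = None
    if "email" in dir(form) and form.email.data:
        user = UserService.get_by_email(form.email.data, serialize=False)
    if "key" in dir(form) and form.key.data:
        # Pass the allow-list by keyword. Assuming `jwt` is PyJWT, the third
        # positional parameter of decode() is `verify` in the 1.x series, so
        # a positional algorithm name would not restrict which algorithms the
        # token header may select.
        # NOTE(review): decode() raises on a malformed or expired token and
        # nothing here converts that to ValidationError - confirm the caller
        # handles it.
        payloads = jwt.decode(
            form.key.data.replace("Bearer ", ""),
            current_app.config["SECRET_KEY"],
            algorithms=[current_app.config["JWT_ALGORITHM"]],
        )
        if payloads:
            user = UserService.get_by_email(payloads["email"], serialize=False)
    if not issuer:
        return

    account = AccountService.read_by_code(issuer, serialize=False)
    if not account:
        raise ValidationError("Emissor do token inválido.")
    if not account.is_active:
        raise ValidationError("Emissor do token expirado.")
    # Membership is the authorization decision: a valid issuer alone is not
    # enough, the resolved user must be linked to that account.
    if not user or issuer not in [c.code_name for c in user.accounts]:
        raise ValidationError(
            "Emissor do token sem associação com o usuário.")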
def is_member(cls, key):
    """Resolve a token to the ``(account, user)`` pair it was issued for.

    The tuple is returned when ``KeyValidator.validate`` accepts the token,
    its ``email`` claim matches a user, and its ``iss`` claim names an active
    account linked to that user. Every failure is reported as a message
    string rather than an exception, so callers have to check the type of the
    result before treating it as a successful authorization.
    """
    if not key:
        return "Token é requerido para esta requisição!"

    claims = KeyValidator.validate(key)
    if not claims:
        return "Token Inválido"

    member = UserService.get_by_email(claims["email"], serialize=False)
    # An unknown user and a missing issuer share one generic answer; the
    # issuer claim is only read once a user was found.
    issuer_code = claims["iss"] if member else None
    if not issuer_code:
        return "Token Inválido!"

    account = AccountService.read_by_code(issuer_code, serialize=False)
    if not account:
        return "Emissor do Token não encontrado."
    if not account.is_active:
        return "Emissor do Token está inativo."

    linked_ids = [linked.id for linked in member.accounts]
    if account.id not in linked_ids:
        return "Usuário não está associado ao contrato."
    return (account, member)
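def get_key(cls, json_obj):
    """Validate a login payload with ``LoginForm`` and issue a signed JWT.

    Args:
        json_obj: the JSON body handed to ``LoginForm.from_json``.

    Returns:
        ``{"key": <token string>, "exp_seconds": <lifetime in seconds>}``
        when the form validates, otherwise ``{"form": <form errors>}``.
    """
    form = LoginForm.from_json(json_obj)
    if not form.validate_on_submit():
        return {"form": form.errors}

    user = UserService.get_by_email(form.email.data, serialize=False)
    issuer = form.issuer.data or None
    # The token lifetime is chosen per issuer.
    delta_sec = cls.get_issuer_key_exp(issuer)
    dt_now = datetime.datetime.utcnow()
    payloads = {
        # NOTE(review): the client address is recorded in the token, but no
        # code visible here compares it on later requests - confirm whether
        # the claim is enforced anywhere.
        "ip": request.remote_addr,
        "sub": user.id,
        "user": user.name,
        "email": user.email,
        "iss": form.issuer.data,
        "iat": dt_now,
        "exp": (dt_now + datetime.timedelta(seconds=delta_sec)),
    }
    # NOTE(review): tokens are signed with the application's SECRET_KEY;
    # confirm that sharing this key with other uses is intended.
    encoded_jwt = jwt.encode(payloads,
                             current_app.config["SECRET_KEY"],
                             current_app.config["JWT_ALGORITHM"])
    # Some releases of the JWT library return bytes and others return str;
    # decode only when bytes came back so both keep working.
    if isinstance(encoded_jwt, bytes):
        encoded_jwt = encoded_jwt.decode("utf-8")
    return {
        "key": encoded_jwt,
        "exp_seconds": delta_sec
    }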
def __call__(self, form, field):
    """Reject the field unless its value is the e-mail of an existing user.

    Raises:
        ValidationError: carrying ``self.message`` when the lookup finds no
            user.
    """
    # NOTE(review): if self.message reaches unauthenticated clients it tells
    # them whether an address is registered - confirm the wording is generic.
    if UserService.get_by_email(field.data, serialize=False):
        return
    raise ValidationError(self.message)