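def post(self):
    """
    Log in with a service-native account.

    Reads ``id`` and ``pw`` from the JSON body, verifies the submitted
    password against the stored hash and, on success, persists a new
    refresh token (a uuid4) and returns a JWT pair.

    Returns:
        dict with ``accessToken`` and ``refreshToken`` on success.

    Aborts:
        400 when ``id`` or ``pw`` is missing from the body,
        401 when the account is unknown or the password does not match.
    """
    payload = request.json or {}
    user_id = payload.get('id')
    pw = payload.get('pw')
    if user_id is None or pw is None:
        # Missing fields used to surface as a KeyError (HTTP 500).
        abort(400)

    user = AccountModel.objects(id=user_id).first()
    # check_password_hash(pwhash, password) takes the stored hash first and
    # the submitted plaintext second. The original hashed the plaintext,
    # passed the stored hash as the "password", and aborted when the check
    # *succeeded* — both the argument order and the decision were inverted,
    # so the password was never actually enforced.
    # NOTE(review): an unknown id skips the hash check and answers faster;
    # if account enumeration matters, also verify against a dummy hash.
    if not user or not check_password_hash(user.pw, pw):
        abort(401)

    # Refresh token identity: a fresh uuid4.
    refresh_token = uuid4()
    # Snapshot the *stored* hash, not a freshly generated one: password hashes
    # are salted, so a new hash of the same password never equals user.pw and
    # a later "password changed since issue" comparison would always fire.
    RefreshTokenModel(
        token=refresh_token,
        token_owner=user,
        pw_snapshot=user.pw
    ).save()
    return {
        'accessToken': create_access_token(user_id),
        'refreshToken': create_refresh_token(str(refresh_token))
    }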
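def post(self):
    """
    Obtain a new access token from a refresh token.

    Looks the stored refresh token up by the JWT identity and mints an
    access token for its owner.

    Returns:
        dict with ``accessToken``, or a bare 205 Reset Content response when
        the owner's password has changed since the refresh token was issued.

    Aborts:
        401 when no stored refresh token matches the identity.
    """
    token = RefreshTokenModel.objects(token=get_jwt_identity()).first()
    if not token:
        # An unknown/revoked refresh token used to fall through to
        # `token.token_owner` on None and produce a 500.
        abort(401)
    if token.token_owner.pw != token.pw_snapshot:
        # The password changed after this refresh token was issued, so the
        # token is stale. 205 Reset Content asks the client to log in again.
        # (This check was commented out, so a token issued before a password
        # change kept minting access tokens.)
        return Response('', 205)
    return {
        'accessToken': create_access_token(token.token_owner.id)
    }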
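def get(self):
    """
    Issue a new access token for a valid refresh token.

    The JWT identity of the presented refresh token is the UUID of a stored
    RefreshTokenModel document; the new access token is generated through
    TokenModel.generate_token with the caller's User-Agent header.

    Returns:
        dict with ``accessToken``, or a bare 205 Reset Content response when
        the owner's password has changed since the refresh token was issued.

    Aborts:
        422 when the JWT identity is not a well-formed UUID,
        401 when no stored refresh token matches it.
    """
    try:
        # Only the UUID parse can raise ValueError here. Keeping the try this
        # narrow stops a ValueError from the lookup or from token minting
        # being misreported as 422 Unprocessable Entity.
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    token = RefreshTokenModel.objects(identity=identity).first()
    if not token:
        abort(401)
    if token.owner.pw != token.pw_snapshot:
        # Password changed after issuance: the refresh token is stale.
        return Response('', 205)
    return {
        'accessToken': create_access_token(
            TokenModel.generate_token(AccessTokenModel, token.owner,
                                      request.headers['USER-AGENT']))
    }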
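def get(self):
    """
    Issue a new access token for a valid refresh token.

    The JWT identity of the presented refresh token is the UUID of a stored
    RefreshTokenModel document.

    Returns:
        dict with ``accessToken``, or a bare 205 Reset Content response when
        the owner's password has changed since the refresh token was issued.

    Aborts:
        422 when the JWT identity is not a well-formed UUID,
        401 when no stored refresh token matches it.
    """
    try:
        # A malformed identity used to raise an unhandled ValueError (500);
        # the sibling handlers answer 422 for this case.
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    refresh_token = RefreshTokenModel.objects(identity=identity).first()
    if not refresh_token:
        abort(401)
    if refresh_token.pw_snapshot != refresh_token.owner.pw:
        # Password changed after issuance: the refresh token is stale.
        return Response('', 205)
    # The original called create_refresh_token here, returning a refresh-type
    # JWT under the 'accessToken' key; the value is an access-token identity
    # and the sibling handlers mint it with create_access_token.
    return {
        'accessToken': create_access_token(
            TokenModel.generate_token(AccessTokenModel, refresh_token.owner))
    }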
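def post(self):
    """
    Obtain a new access token from a refresh token.

    The JWT identity of the presented refresh token is the UUID of a stored
    RefreshTokenModel document; the new access token is generated through
    TokenModel.generate_token with the caller's User-Agent header.

    Returns:
        A JSON response (via unicode_safe_json_response) with ``access_token``
        and status 200, or a bare 205 Reset Content response when the refresh
        token is unknown or the owner's password has changed since it was
        issued.

    Aborts:
        422 when the JWT identity is not a well-formed UUID.
    """
    try:
        # A malformed identity used to raise an unhandled ValueError (500).
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    token = RefreshTokenModel.objects(identity=identity).first()
    if not token or token.owner.pw != token.pw_snapshot:
        # abort() only maps error statuses, so abort(205) raised a LookupError
        # (a 500) instead of the intended 205 Reset Content; build the
        # response directly. The password-snapshot comparison matches the
        # sibling handlers: a token issued before a password change is stale.
        return Response('', 205)
    return self.unicode_safe_json_response(
        {
            'access_token': create_access_token(
                TokenModel.generate_token(AccessTokenModel, token.owner,
                                          request.headers['USER_AGENT']))
        }, 200)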
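def post(self):
    """
    Refresh the access token.

    The JWT identity of the presented refresh token is the UUID of a stored
    RefreshTokenModel document.

    Returns:
        dict with ``accessToken``, or a bare 205 Reset Content response when
        the owner's password has changed since the refresh token was issued.

    Aborts:
        422 when the JWT identity is not a well-formed UUID,
        401 when no stored refresh token matches it.
    """
    try:
        # Only the UUID parse can raise ValueError here. Keeping the try this
        # narrow stops a ValueError from the lookup or from token minting
        # being misreported as 422 Unprocessable Entity.
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    token = RefreshTokenModel.objects(identity=identity).first()
    if not token:
        abort(401)
    if token.owner.pw != token.pw_snapshot:
        # Password changed after issuance: the refresh token is stale.
        return Response('', 205)
    return {
        'accessToken': create_access_token(
            TokenModel.generate_token(AccessTokenModel, token.owner))
    }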
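def post(self):
    """
    Obtain a new access token from a refresh token.

    The JWT identity of the presented refresh token is the UUID of a stored
    RefreshTokenModel document; the new access token is generated through
    TokenModel.generate_token with the caller's User-Agent header.

    Returns:
        A JSON response (via unicode_safe_json_response) with ``access_token``
        and status 200, or a bare 205 Reset Content response when the refresh
        token is unknown or the owner's password has changed since it was
        issued.

    Aborts:
        422 when the JWT identity is not a well-formed UUID.
    """
    try:
        # Only the UUID parse can raise ValueError here. Keeping the try this
        # narrow stops a ValueError from the lookup or from token minting
        # being misreported as 422 Unprocessable Entity.
        identity = UUID(get_jwt_identity())
    except ValueError:
        abort(422)

    token = RefreshTokenModel.objects(identity=identity).first()
    if not token or token.owner.pw != token.pw_snapshot:
        # Invalid token, or the password changed after this token was issued.
        # 205 Reset Content asks the client to log in again.
        return Response('', 205)
    return self.unicode_safe_json_response(
        {
            'access_token': create_access_token(
                TokenModel.generate_token(
                    AccessTokenModel, token.owner,
                    request.headers['USER-AGENT']))
        }, 200)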
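def testAuthSuccess(self):
    """
    A successful login returns a JWT pair whose identities match the
    access/refresh token documents persisted for the primary user.
    """
    # (1) log in
    resp = self._request()

    # (2) status code 200
    self.assertEqual(resp.status_code, 200)

    # (3) response data
    data = resp.json
    self.assertIn('accessToken', data)
    self.assertIn('refreshToken', data)
    access_token = data['accessToken']
    refresh_token = data['refreshToken']
    self.assertIsInstance(access_token, str)
    self.assertIsInstance(refresh_token, str)
    self.assertRegex(access_token, self.token_regex)
    self.assertRegex(refresh_token, self.token_regex)

    # (4) database check
    # `algorithms=` is passed by keyword: the third positional argument of
    # jwt.decode has meant different things across PyJWT releases, so the
    # bare 'HS256' positional only worked by accident.
    access_token_obj = AccessTokenModel.objects(
        owner=self.primary_user).first()
    self.assertTrue(access_token_obj)
    self.assertEqual(
        jwt.decode(access_token, self.app.secret_key,
                   algorithms=['HS256'])['identity'],
        str(access_token_obj.identity))

    refresh_token_obj = RefreshTokenModel.objects(
        owner=self.primary_user).first()
    # The original re-asserted access_token_obj here (copy-paste), so a
    # missing refresh-token document only surfaced as an AttributeError below.
    self.assertTrue(refresh_token_obj)
    self.assertEqual(
        jwt.decode(refresh_token, self.app.secret_key,
                   algorithms=['HS256'])['identity'],
        str(refresh_token_obj.identity))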