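def revoke_token():
    """Revoke the JWT presented with this request (logout).

    Reads the token's ``jti`` claim from the request's JWT and records it via
    ``RevokedToken.add`` so the blacklist loader rejects the token from now on.

    Returns:
        ``(json_response, 200)`` with a ``status``/``message`` payload.
    """
    jti = get_raw_jwt()["jti"]
    RevokedToken.add(jti)
    return jsonify({
        "status": "success",
        # user-facing message: fixed the "successuflly" typo
        "message": "successfully logged out",
    }), 200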
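def _safe_next_url(next_url):
    """Return ``next_url`` if it is a same-site relative path, else ``None``.

    Only a path beginning with a single ``/`` is accepted. Absolute URLs,
    protocol-relative ``//host`` forms and any backslash variant (browsers
    normalise ``/\\host`` to ``//host``) are rejected so a caller-supplied
    ``next`` parameter cannot turn the redirect into an off-site one.
    """
    if not next_url:
        return None
    if not next_url.startswith('/') or next_url.startswith('//') or '\\' in next_url:
        return None
    return next_url


def confirm_email():
    """Handle e-mail confirmation links and confirmation-mail resends.

    Query parameters:
        action: ``'confirm'`` to consume a token, ``'send'`` to (re)send the
            confirmation mail; anything else is a 404.
        token: (confirm) the ``itsdangerous`` token from the e-mail, signed with
            the ``email-confirm-key`` salt and valid for 24h (``max_age=86400``).
        email: (send) address to send the confirmation mail to.
        next: optional same-site path to redirect an already-authenticated
            user to; anything that is not a relative path is ignored.

    Returns:
        A redirect or a rendered ``feedback.html`` page.

    Raises:
        404 via ``abort`` for unknown actions, missing parameters, invalid or
        expired tokens, and tokens whose e-mail has no user.
    """
    if current_user.is_authenticated:
        # logout_user()
        # `next` is attacker-controlled; only honour a same-site path.
        return redirect(_safe_next_url(request.args.get('next')) or url_for('home.index'))

    action = request.args.get('action')

    if action == 'confirm':
        token = request.args.get('token')
        if not token:
            return render_template('feedback.html', status=False,
                                   message=_('此激活链接无效,请准确复制邮件中的链接。'))
        if RT.query.get(token):
            return render_template('feedback.html', status=False,
                                   message=_('此激活链接已被使用过。'))
        try:
            email = ts.loads(token, salt="email-confirm-key", max_age=86400)
        except Exception:
            # Bad signature or expired link; do not tell the caller which.
            abort(404)
        # Mark the link as consumed only once it has proven valid (arbitrary
        # garbage is no longer persisted), but still before confirm() so a
        # concurrent replay of the same link is refused above.
        RT.add(token)
        user = User.query.filter_by(email=email).first_or_404()
        user.confirm()
        flash(_('Your email has been confirmed'))
        login_user(user)
        return redirect(url_for('home.index'))

    if action == 'send':
        email = request.args.get('email')
        if not email:
            abort(404)
        # Same response whether or not the address is registered/confirmed, so
        # this unauthenticated endpoint cannot be used to enumerate accounts.
        # NOTE(review): no rate limiting is visible here; the mail send is
        # attacker-triggerable per request.
        user = User.query.filter_by(email=email).first()
        if user is not None and not user.confirmed:
            send_confirm_mail(email)
        return render_template('feedback.html', status=True,
                               message=_('邮件已经发送,请查收!'))

    abort(404)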
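def post(self):
    """Logout a user using JWT refresh_token.
    ---
    tags:
      - User authentication and authorization
    security:
      $ref: '#/components/securitySchemes/BearAuth'
    responses:
      200:
        description: Log out has been successful!
      500:
        description: Internal server error
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedToken(jti)
        revoked_token.save()
    except Exception:
        # Do not echo str(error) back to the client: it can carry database
        # and driver details. Also send a real HTTP 500 instead of a 200
        # whose body merely claims status_code 500.
        response = jsonify({
            'response_message': 'Internal server error',
            'status_code': 500
        })
        response.status_code = 500
        return response
    response = jsonify({
        'response_message': 'Log out has been successful!',
        'status_code': 200
    })
    return response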
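def post(self):
    """Revoke the JWT carried by this request by blacklisting its ``jti``.

    Returns:
        ``{'msg': ...}`` (HTTP 200) on success, or the same shape with
        HTTP 500 if persisting the revocation fails.
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedToken(jti=jti)
        revoked_token.add()
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit/KeyboardInterrupt.
        return {'msg': 'Something error'}, 500
    return {'msg': 'Token has been revoked'}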
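def post(self):
    """Revoke the access token carried by this request (blacklist its ``jti``).

    Returns:
        ``({'message': ...}, 200)`` on success, ``({'message': ...}, 500)``
        if the revocation record cannot be stored.
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedToken(jti=jti)
        revoked_token.add()
    except Exception:
        # Narrowed from a bare `except:` so interpreter-exit signals propagate.
        return {'message': 'Something went wrong'}, 500
    return {'message': 'Access token has been revoked'}, 200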
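def post(self):
    """Revoke the refresh token carried by this request (blacklist its ``jti``).

    Returns:
        ``{'message': ...}`` with HTTP 200 on success; on failure the same
        shape with HTTP 500 (the original returned 200 on the error path too).
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedToken(jti=jti)
        revoked_token.save()
    except Exception:
        # Narrowed from a bare `except:`; signal the failure with a real status.
        return {'message': 'Error in revoking refresh token'}, 500
    return {'message': 'Refresh token has been revoked'}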
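def post(self):
    """Revoke the refresh token carried by this request (blacklist its ``jti``).

    Returns:
        ``{'message': ...}`` (HTTP 200) on success, or the same shape with
        HTTP 500 when the revocation record cannot be saved.
    """
    jti = get_raw_jwt()['jti']
    try:
        revoked_token = RevokedToken(jti=jti)
        revoked_token.save()
    except Exception:
        # Narrowed from a bare `except:` so SystemExit/KeyboardInterrupt propagate.
        return {'message': 'Something went wrong'}, 500
    return {'message': 'Refresh token has been revoked'}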
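def post(self):
    """Issue a new access token for the refresh-token bearer and revoke the old one.

    Looks up the caller's tracked ``InUseToken`` record, blacklists the ``jti``
    of the access token stored there, then stores and returns a fresh access
    token.

    Returns:
        ``{'access_token': ...}`` on success, or
        ``({'message': ...}, 401)`` when no tracked session exists for the
        identity (the original dereferenced ``None`` and crashed with a 500).
    """
    current_user = get_jwt_identity()
    user = User.objects(username=current_user).first()
    in_use = InUseToken.objects(user=user).first()
    if in_use is None:
        return {'message': 'No active session for this user'}, 401

    # Revoke the previous access token. decode_token raises on an expired
    # signature; an expired token needs no blacklist entry, so skip it.
    try:
        old_jti = decode_token(in_use.jwt_access)['jti']
    except Exception:
        old_jti = None
    if old_jti is not None:
        RevokedToken(jti=old_jti).save()

    # Mint the replacement and record it as the session's current access token.
    access_token = create_access_token(identity=current_user)
    in_use.jwt_access = access_token
    in_use.save()
    return {'access_token': access_token}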
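def delete(self):
    """Delete a user account after re-verifying username and password.

    Expects a JSON body with ``email``, ``username`` and ``password``. Looks
    the user up by e-mail, checks the supplied username and password against
    it, deletes the record and blacklists the JWT used for this request.

    Returns:
        ``({'status': 'deleted'}, 200)`` on success;
        ``({'message': 'cannot find user'}, 409)`` for an unknown e-mail;
        ``({'message': 'invalid data'}, 400)`` for a bad/missing credential.
    """
    # silent=True: a missing or malformed JSON body becomes an empty dict
    # instead of an AttributeError on None / an unhandled 400.
    body = request.get_json(silent=True) or {}
    email = body.get('email')
    username = body.get('username')
    password = body.get('password')

    # NOTE(review): the distinct 409 vs 400 answers let an authenticated
    # caller probe which e-mails exist; kept for API compatibility.
    user = UserModel.find_by_email(email)
    if not user:
        return {'message': 'cannot find user'}, 409
    if username is None or password is None:
        return {'message': 'invalid data'}, 400
    if user.username != username or not user.check_password(password):
        return {'message': 'invalid data'}, 400

    user.delete_from_db()
    # Blacklist the token that authorised this request so it cannot be
    # replayed after the account is gone. NOTE(review): other outstanding
    # tokens for this user are not revoked here.
    jti = get_raw_jwt()['jti']
    RevokedToken(jti=jti).add()
    return {'status': 'deleted'}, 200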
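def reset_password(token):
    """Reset a password from an e-mailed, single-use, time-limited token.

    Args:
        token: ``itsdangerous`` token from the reset e-mail, signed with the
            ``password-reset-key`` salt and accepted for 24h (``max_age=86400``).

    Returns:
        The rendered reset form on GET / invalid form, a ``feedback.html`` page
        for a used, invalid or expired token, or a redirect to sign-in once the
        password has been changed.
    """
    if RT.query.get(token):
        return render_template('feedback.html', status=False,
                               message=_('此密码重置链接已被使用过。'))

    # Verify the token before showing the form, so an invalid or expired link
    # fails immediately rather than after the user has typed a new password.
    # Catching Exception covers both bad-signature and expired errors without
    # revealing which to the caller.
    try:
        email = ts.loads(token, salt="password-reset-key", max_age=86400)
    except Exception:
        return render_template('feedback.html', status=False,
                               message=_('此密码重置链接无效,请准确复制邮件中的链接。'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        # Burn the token before touching the password so a concurrent replay
        # is refused by the check at the top. Only valid tokens are recorded
        # now; the original persisted any string that reached this point.
        RT.add(token)
        user = User.query.filter_by(email=email).first_or_404()
        password = form['password'].data
        user.set_password(password)
        logout_user()
        flash('密码已经修改,请使用新密码登录。')
        return redirect(url_for('home.signin'))
    return render_template('reset-password.html', form=form)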
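def post(self):
    """Log out by blacklisting the bearer token from the Authorization header.

    The header is expected as ``<scheme> <token>``; the token is validated
    with ``User.decode_token`` (which returns an ``int`` user id on success
    and an error message string otherwise) and then stored in ``RevokedToken``.

    Returns:
        ``(json, 201)`` on success; ``(json, 401)`` when the header is missing,
        malformed, or the token does not decode to a user id.
    """
    auth_header = request.headers.get('Authorization')
    if auth_header is None:
        return jsonify({"message": "No token,"
                        " please provide a token"}), 401

    # Originally `auth_header.split()[1]`, which raised IndexError (HTTP 500)
    # for a header without a space such as `Authorization: <token>`.
    parts = auth_header.split()
    access_token = parts[1] if len(parts) > 1 else None
    if not access_token:
        # The original returned this with HTTP 200.
        return jsonify({'message': 'please provide a valid token'}), 401

    user_id = User.decode_token(access_token)
    if not isinstance(user_id, int):
        # decode_token hands back the failure reason as a string.
        return make_response(jsonify({'message': user_id})), 401

    revoked_token = RevokedToken(token=access_token)
    revoked_token.save()
    return jsonify({'message': 'Your have been logged out.'}), 201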
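def post(self):
    """Authenticate username, password and device id, then hand out JWTs.

    On success the user is logged in (``login_user``) and an access/refresh
    token pair is returned. If an ``InUseToken`` record already exists for the
    user, its access token is blacklisted and replaced; the stored refresh
    token is reused as-is (it is not rotated here).

    Returns:
        ``{'message': ..., 'access_token': ..., 'refresh_token': ...}`` on
        success, otherwise ``{'message': ...}`` describing the failure. All
        responses use HTTP 200, as in the original.
    """
    data = login_parser.parse_args()
    user = User.objects(username=data['username']).first()
    if user is None or not user.check_password(data['password']):
        return {'message': 'Username or password are incorrect'}
    if not user.check_unique_id(data['unique_id']):
        # Device binding: the phone sending the request is not the registered
        # one. NOTE(review): this distinct message confirms to the caller that
        # the password was correct; consider the generic message above.
        return {'message': 'This telephone is not registered'}

    try:
        login_user(user)
        in_use = InUseToken.objects(user=user).first()
        if in_use is not None:
            # Blacklist the previous access token; an already-expired one
            # cannot be decoded and needs no blacklist entry.
            try:
                old_jti = decode_token(in_use.jwt_access)['jti']
                RevokedToken(jti=old_jti).save()
            except ExpiredSignatureError:
                pass
            access_token = create_access_token(identity=data['username'])
            in_use.jwt_access = access_token
            in_use.save()
            refresh_token = in_use.jwt_refresh
        else:
            access_token = create_access_token(identity=data['username'])
            refresh_token = create_refresh_token(identity=data['username'])
            new_in_use = InUseToken(jwt_access=access_token,
                                    jwt_refresh=refresh_token,
                                    user=user)
            new_in_use.hash_unique_id(data['unique_id'])
            new_in_use.save()
    except Exception:
        # Narrowed from a bare `except:`; debug prints of the happy path removed.
        print(sys.exc_info())
        return {'message': 'Unknown error'}

    return {
        'message': 'Login was succesful',
        'access_token': access_token,
        'refresh_token': refresh_token
    }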
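def delete(self):
    """Revoke the access token carried by this request (blacklist its ``jti``).

    Returns:
        ``({'message': ..., 'code': 200}, 200)`` on success or
        ``({'message': ..., 'code': 500}, 500)`` on failure. The ``code`` key
        is kept for existing clients; the HTTP status now matches it (the
        original answered 200 on the error path).
    """
    try:
        jti = get_raw_jwt()['jti']
        revoked_token = RevokedToken(jti=jti)
        db.session.add(revoked_token)
        db.session.commit()
    except Exception as err:
        # A failed commit leaves the SQLAlchemy session in an errored state;
        # roll it back so later requests on this session can proceed.
        db.session.rollback()
        print(err)
        return {'message': 'Internal server error', 'code': 500}, 500
    return {'message': 'Revoked access token', 'code': 200}, 200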
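def post(self):
    """Log the current user out and blacklist both of their tracked tokens.

    Finds the user's ``InUseToken`` record, revokes the access and refresh
    tokens stored there, deletes the record and calls ``logout_user``.

    Returns:
        ``{'message': ...}`` describing how far the logout got; always HTTP 200
        as in the original.
    """
    try:
        user = User.objects(username=current_user.username).first()
        in_use = InUseToken.objects(user=user).first()
        if in_use is None:
            logout_user()
            return {'message': 'User was log out'}

        # Revoke each token on its own. Previously a single decode_token call
        # on an already-expired access token raised, which skipped revoking
        # the still-valid refresh token and left the InUseToken record behind.
        for encoded in (in_use.jwt_access, in_use.jwt_refresh):
            try:
                jti = decode_token(encoded)['jti']
            except Exception:
                continue  # expired/undecodable: nothing to blacklist
            RevokedToken(jti=jti).save()
        in_use.delete()
        logout_user()
        return {'message': 'User was log out its tokens revoked'}
    except Exception:
        # Narrowed from bare `except:`; best-effort logout without revocation.
        try:
            logout_user()
            return {'message': 'User was log out'}
        except Exception:
            return {'message': 'Error when logging out user'}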
def token_black_listed_loader(dec_token):
    """Blacklist callback: report whether a decoded JWT has been revoked.

    Args:
        dec_token: the decoded token claims; its ``jti`` is looked up in
            ``RevokedToken``.

    Returns:
        Whatever ``RevokedToken.is_blacklisted`` returns for that ``jti``.
    """
    return RevokedToken.is_blacklisted(dec_token["jti"])
def post(self):
    """Log the caller out by blacklisting the ``jti`` of the presented JWT.

    Returns:
        ``({'message': 'You are logged out.'}, 200)``.
    """
    RevokedToken(jti=get_raw_jwt()['jti']).add_token()
    return {"message": "You are logged out."}, 200
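def post(self):
    """Register a new user and return a first access/refresh token pair.

    Rejects the request when the username, e-mail or phone number is already
    taken (all taken fields are reported in one message). Otherwise the user
    is created with hashed password and device id, logged in, and tokens are
    issued and tracked in an ``InUseToken`` record.

    Returns:
        ``{'message': 'User registered', 'access_token': ..., 'refresh_token': ...}``
        on success, else ``{'message': ...}``; always HTTP 200 as in the original.
    """
    data = register_parser.parse_args()

    # Bitmask of taken fields: 1 = username, 2 = e-mail, 4 = phone number.
    # NOTE(review): this check-then-save is racy; uniqueness ultimately has to
    # be enforced by unique indexes on the User collection.
    taken = 0
    if User.objects(username=data['username']):
        taken |= 1
    if User.objects(email=data['email']):
        taken |= 2
    if User.objects(phone_number=data['phone_number']):
        taken |= 4
    taken_messages = {
        1: 'Username is already in use',
        2: 'Email is already in use',
        3: 'Username and email are already in use',
        4: 'Phone number is already in use',
        5: 'Phone number and username are already in use',
        6: 'Phone number and email are already in use',
        7: 'Phone number, email and username are already in use',
    }
    if taken:
        return {'message': taken_messages[taken]}

    new_user = User(username=data['username'],
                    email=data['email'],
                    first_name=data['first_name'],
                    last_name=data['last_name'],
                    phone_number=data['phone_number'])
    new_user.hash_password(data['password'])
    new_user.hash_unique_id(data['unique_id'])
    try:
        new_user.save()
        login_user(new_user)
        in_use = InUseToken.objects(user=new_user).first()
        # Fixed: the original tested `is None` here and then dereferenced
        # `in_use.jwt_access` on None.
        if in_use is not None:
            try:
                RevokedToken(jti=decode_token(in_use.jwt_access)['jti']).save()
            except ExpiredSignatureError:
                pass  # already expired, nothing to blacklist
            access_token = create_access_token(identity=data['username'])
            in_use.jwt_access = access_token
            in_use.save()
            refresh_token = in_use.jwt_refresh
        else:
            access_token = create_access_token(identity=data['username'])
            refresh_token = create_refresh_token(identity=data['username'])
            # Field names match what is read above (`in_use.jwt_access`);
            # the original passed `jti_access`/`jti_refresh` here.
            in_use = InUseToken(jwt_access=access_token,
                                jwt_refresh=refresh_token,
                                user=new_user)
            in_use.hash_unique_id(data['unique_id'])
            in_use.save()
    except Exception:
        # Narrowed from a bare `except:`.
        return {'message': 'Unknown error'}

    return {
        'message': 'User registered',
        'access_token': access_token,
        'refresh_token': refresh_token
    }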
def check_if_token_in_blacklist(decrypted_token):
    """Blacklist callback: tell whether the decoded JWT has been revoked.

    Args:
        decrypted_token: decoded token claims; the ``jti`` claim is checked
            against ``RevokedToken``.

    Returns:
        The result of ``RevokedToken.is_jti_blacklisted`` for that ``jti``.
    """
    return RevokedToken.is_jti_blacklisted(decrypted_token['jti'])