Пример #1
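def get_auth():
    """Return the authenticated user's profile as a JSON response.

    Reads the token from the ``Authorization`` request header, decodes it
    with ``Users.decode_auth_token`` and loads the user by the decoded value.

    Returns:
        A ``(response, status)`` tuple: 200 with the user's fields on
        success, 401 with an error message when the header is missing or
        empty, the token is rejected, or no matching user exists.
    """
    # .get() yields None when the header is absent; fall back to '' so the
    # request is answered with 401 instead of failing on None.split().
    auth_header = request.headers.get('Authorization') or ''
    fields = auth_header.split(' ')
    # Accept a bare token as before, and also the "Bearer <token>" form:
    # taking the first field unconditionally hands the scheme word to the
    # decoder, so a client sending the standard form could never authenticate.
    if len(fields) == 2 and fields[0].lower() == 'bearer':
        auth_token = fields[1]
    else:
        auth_token = fields[0]

    if not auth_token:
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    decoded = Users.decode_auth_token(auth_token)
    # A str result is treated as an error message and relayed to the client.
    if isinstance(decoded, str):
        return jsonify({'status': 'error', 'message': decoded}), 401

    user = Users.query.get(decoded)
    if user is None:
        # The token decoded but its subject has no row (e.g. the account was
        # deleted). Reject it rather than raising on user.id below, and reuse
        # the generic message so the reply does not reveal account existence.
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    profile = {
        'user_id': user.id,
        'first_name': user.first_name,
        'last_name': user.last_name,
        'email': user.email,
        'registered_on': user.registered_on
    }
    return jsonify({'status': 'success', 'data': profile}), 200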
Пример #2
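def get_auth():
    """Return the authenticated user's extended profile as a JSON response.

    Reads the token from the ``Authorization`` request header, decodes it
    with ``Users.decode_auth_token`` and loads the user by the decoded value.
    The payload includes contact fields (e-mail, phone number), so it is
    only ever built for the user the token itself identifies.

    Returns:
        A ``(response, status)`` tuple: 200 with the user's fields on
        success, 401 with an error message when the header is missing or
        empty, the token is rejected, or no matching user exists.
    """
    # A missing header makes .get() return None; treat it as an empty value
    # so the caller gets 401 rather than an unhandled AttributeError.
    auth_header = request.headers.get('Authorization') or ''
    fields = auth_header.split(' ')
    # Bare tokens keep working; "Bearer <token>" is accepted as well, since
    # the first field of that form is the scheme word, not the token.
    if len(fields) == 2 and fields[0].lower() == 'bearer':
        auth_token = fields[1]
    else:
        auth_token = fields[0]

    if not auth_token:
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    decoded = Users.decode_auth_token(auth_token)
    # A str result is treated as an error message and relayed to the client.
    if isinstance(decoded, str):
        return jsonify({'status': 'error', 'message': decoded}), 401

    user = Users.query.get(decoded)
    if user is None:
        # Valid-looking token whose subject no longer exists: answer 401 with
        # the generic message instead of raising on the attribute reads below.
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    profile = {
        'user_id': user.id,
        'first_name': user.first_name,
        'last_name': user.last_name,
        'email': user.email,
        'instrument': user.instrument,
        'bio': user.bio,
        'instructor': user.instructor,
        'avatar': user.avatar,
        'phone_number': user.phone_number
    }
    return jsonify({'status': 'success', 'data': profile}), 200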
Пример #3
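def logout():
    """Invalidate the caller's token by recording it in the blacklist.

    Reads the token from the ``Authorization`` request header, checks it
    with ``Users.decode_auth_token`` and, when it is accepted, stores it as
    a ``BlacklistToken`` row.

    Returns:
        A ``(response, status)`` tuple: 200 once the token is stored, 401
        with the decoder's message when the token is rejected, 403 when the
        header is missing or carries no token.
    """
    # .get() returns None for an absent header; normalise to '' so the
    # request falls through to the 403 branch instead of raising.
    auth_header = request.headers.get('Authorization') or ''
    fields = auth_header.split(' ')
    # Blacklist the token itself, not the scheme word: with the
    # "Bearer <token>" form the first field is just "Bearer".
    if len(fields) == 2 and fields[0].lower() == 'bearer':
        auth_token = fields[1]
    else:
        auth_token = fields[0]

    if not auth_token:
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 403

    decoded = Users.decode_auth_token(auth_token)
    # A str result is treated as an error message and relayed to the client;
    # only tokens that decode cleanly are written to the blacklist.
    if isinstance(decoded, str):
        return jsonify({'status': 'error', 'message': decoded}), 401

    # NOTE(review): the blacklist only has effect if decode_auth_token (or
    # another check) consults it on later requests - confirm in the model.
    db.session.add(BlacklistToken(token=auth_token))
    db.session.commit()
    return jsonify({'status': 'success', 'message': 'Logged out.'}), 200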
Пример #4
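    def decorated(*args, **kwargs):
        """Call the wrapped view only when the request carries an admin token.

        The token is read from the ``x-access-token`` header and decoded with
        ``Users.decode_auth_token``; the result must provide ``'id'`` and
        ``'admin'`` keys.

        Returns:
            401 when the token is missing or cannot be decoded, 403 when the
            decoded ``'admin'`` value is falsy, otherwise whatever the
            wrapped view ``f`` returns.
        """
        token = request.headers.get('x-access-token')

        if not token:
            return jsonify({'message': 'Token is missing!'}), 401

        try:
            data = Users.decode_auth_token(token)
            # Both keys are required; a result that is not subscriptable by
            # these keys (for example an error string) raises here and is
            # rejected as an invalid token.
            _user_id, is_admin = data['id'], data['admin']
        except Exception:
            # Narrowed from a bare ``except:``, which also swallowed
            # SystemExit and KeyboardInterrupt. Any decoding failure still
            # fails closed with 401.
            return jsonify({'message': 'Token is invalid!'}), 401

        # NOTE(review): the admin flag comes from the token payload, so a
        # user whose admin right was revoked keeps it until the token stops
        # validating, unless decode_auth_token re-checks the database - confirm.
        if not is_admin:
            return jsonify({'message':
                            'Cannot perform that function!'}), 403

        return f(*args, **kwargs)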
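 def test_decode_auth_token(self):
     """Check that a token issued for a user can be decoded again."""
     user = Users(id=1, name='test_admin', password='******', admin=True)
     auth_token = user.encode_auth_token(user)
     self.assertIsInstance(auth_token, str)

     decoded = user.decode_auth_token(auth_token)
     # The original asserted on the tuple (decoded, auth_token); a non-empty
     # tuple is always truthy, so the check passed even if decoding failed.
     self.assertTrue(decoded)
     # NOTE(review): other callers on this page treat a str result as an
     # error message; confirm that convention for this model, then pin the
     # exact expected payload here.
     self.assertNotIsInstance(decoded, str)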