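def validate():
    """Validate an access token posted as JSON ``{"token": ...}``.

    Returns:
        ``(json_body, http_status)``; the HTTP status is looked up in
        ``constants.responses`` by the status code Storage returns.
    """
    current_app.logger.info("Validate token")
    try:
        token = request.json["token"]
    except (KeyError, TypeError):
        # TypeError covers an absent or non-JSON body (request.json is None),
        # matching the handling in register_user.
        status = constants.statuses["tokens"]["missingData"]
        body = create_error(status, "No token get")
        current_app.logger.warning("No token for validation")
        return jsonify(body), constants.responses[status]
    # Never write the credential itself to the log: a token in a log file is
    # a token usable by anyone who can read the log. The length is enough to
    # debug malformed requests.
    current_app.logger.debug("Access token received (%d chars)", len(str(token)))
    body, status = Storage.check_token(token)
    http_status = constants.responses[status]
    if status == constants.statuses["tokens"]["accessOk"]:
        body = dict(status=status, value=body)
    elif status == constants.statuses["tokens"]["invalidToken"]:
        body = create_error(status, "Access token has invalid format", error=body)
    else:  # status == constants.statuses["tokens"]["accessTokenExpired"]
        body = create_error(status, "Access token expired", error=body)
    return jsonify(body), http_status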
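def confirm(token: str):
    """Confirm a user account with the confirmation token from the request.

    Args:
        token: one-time confirmation token; treated as a secret and never
            written to the log.

    Returns:
        ``(json_body, http_status)``.
    """
    current_app.logger.info("Confirming user")
    # Log only that a token arrived, not its value; a logged confirmation
    # token could be replayed by anyone with log access.
    current_app.logger.debug("Confirm by token (%d chars)", len(token))
    body, status = Storage.confirm_user(token)
    http_status = constants.responses[status]
    if status == constants.statuses["user"]["confirmed"]:
        body = dict(status=status, body=body)
    elif status == constants.statuses["tokens"]["invalidToken"]:
        body = create_error(status, "Access token has invalid format", error=body)
    # NOTE(review): for any other status the raw Storage result is returned
    # as the response body unchanged — confirm this is intended or whether an
    # else branch (as in the other handlers) is missing.
    return jsonify(body), http_status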
def Validate(self, request, context):
    """gRPC handler: check ``request.access_token`` and build a ValidateResponse.

    Storage is called inside the Flask app context (presumably it relies on
    it). On ``accessOk`` the identity fields are copied from the validation
    dict; for any other status the stringified Storage result goes into
    ``response.error``.
    """
    identity_fields = ("user_id", "session", "role", "email")
    with app.app_context():
        validation, status = Storage.check_token(request.access_token)
        response = auth_pb2.ValidateResponse()
        response.status = status
        if status != constants.statuses["tokens"]["accessOk"]:
            response.error = str(validation)
            return response
        for field in identity_fields:
            setattr(response, field, validation[field])
    return response
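def refresh_tokens():
    """Exchange a refresh token (JSON ``{"token": ...}``) for a new token pair.

    Returns:
        ``(json_body, http_status)``; on success the body carries
        ``accessToken`` and ``refreshToken``.
    """
    current_app.logger.info("Refresh tokens pair")
    try:
        token = request.json["token"]
    except (KeyError, TypeError):
        # TypeError covers an absent or non-JSON body (request.json is None),
        # matching the handling in register_user.
        status = constants.statuses["tokens"]["missingData"]
        body = create_error(status, "No token get")
        current_app.logger.warning("No token for refreshment")
        return jsonify(body), constants.responses[status]
    # A refresh token is a long-lived credential; it must never reach the
    # log. Record only that one was received.
    current_app.logger.debug("Refresh token received (%d chars)", len(str(token)))
    access, refresh, status = Storage.update_session(token)
    http_status = constants.responses[status]
    if status == constants.statuses["tokens"]["created"]:
        body = dict(status=status, accessToken=access, refreshToken=refresh)
    elif status == constants.statuses["tokens"]["noSuchToken"]:
        body = create_error(status, "No information about token")
    else:  # status == constants.statuses["user"]["refreshExpired"]
        body = create_error(status, "Refresh token expired")
    return jsonify(body), http_status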
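def sign_in():
    """Create a session from JSON ``{"email": ..., "password": ...}``.

    Returns:
        ``(json_body, http_status)``; on success the body carries the new
        ``accessToken``/``refreshToken`` pair.
    """
    try:
        email = request.json["email"]
        password = request.json["password"]
    except (KeyError, TypeError):
        # TypeError covers an absent or non-JSON body (request.json is None),
        # matching the handling in register_user.
        status = constants.statuses["user"]["missingData"]
        body = create_error(status, "missing user data")
        current_app.logger.warning("Not enough data for sing-in")
        return jsonify(body), constants.responses[status]
    current_app.logger.info("Sing in for %s", email)
    access, refresh, status = Storage.create_session(email, password)
    http_status = constants.responses[status]
    # NOTE(review): the distinct wrongPassword / notConfirmed / noUser
    # responses let a caller learn which emails are registered (account
    # enumeration). Collapsing them is an API change, so it is flagged here
    # rather than silently made.
    if status == constants.statuses["tokens"]["created"]:
        body = dict(status=status, accessToken=access, refreshToken=refresh)
    elif status == constants.statuses["user"]["wrongPassword"]:
        body = create_error(status, "wrong password for email {{email}}", email=email)
    elif status == constants.statuses["user"]["notConfirmed"]:
        body = create_error(status, "Account not confirmed")
    else:  # status == constants.statuses["user"]["noUser"]
        body = create_error(status, "No user for email {{email}}", email=email)
    return jsonify(body), http_status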
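def register_user():
    """Register a user from JSON ``{"email": ..., "password": ...}``.

    Returns:
        ``(json_body, http_status)``; on success the body carries the
        ``email`` and the new ``user_id``.
    """
    try:
        email = request.json["email"]
        password = request.json["password"]
    except (KeyError, TypeError):
        # TypeError: body absent or not JSON, so request.json is None.
        status = constants.statuses["user"]["missingData"]
        body = create_error(status, "missing user data")
        current_app.logger.warning("Not enough data for sing-up")
        return jsonify(body), constants.responses[status]
    current_app.logger.info("Sing up for %s", email)
    user_id, status = Storage.add_user(email, password)
    http_status = constants.responses[status]
    if status == constants.statuses["user"]["created"]:
        body = dict(status=status, email=email, user_id=user_id)
    elif status == constants.statuses["user"]["invalidEmail"]:
        body = create_error(status, "email {{email}} is invalid", email=email)
    else:  # status == constants.statuses["user"]["emailUsed"]
        # NOTE(review): a distinct "already registered" response confirms to
        # the caller that the email has an account (enumeration). Changing it
        # alters the API, so it is flagged rather than changed here.
        body = create_error(status, "email {{email}} is already registered", email=email)
    return jsonify(body), http_status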
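def change_role():
    """Change another user's role; requires an admin token.

    The token comes from the ``Authorization`` header (``Bearer <token>``),
    ``user_id`` and ``role`` from the JSON body.

    Returns:
        ``(json_body, http_status)``.
    """
    current_app.logger.info("Make other user admin")
    if (auth_header := request.headers.get("Authorization")) is None:
        status = constants.statuses["user"]["unauthorized"]
        body = create_error(status, "No token get")
        current_app.logger.warning("No token detected")
        return jsonify(body), constants.responses[status]
    # Do not use str.strip("Bearer "): it strips any of the characters
    # B, e, a, r and space from BOTH ends of the value, silently corrupting
    # tokens that start or end with one of them. Remove the scheme prefix.
    token = auth_header.strip()
    if token.startswith("Bearer "):
        token = token[len("Bearer "):].strip()
    # get_json(silent=True) returns None instead of raising on a non-JSON body;
    # request.json.get(...) would fail with AttributeError in that case.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        payload = {}
    if (user_id := payload.get("user_id")) is None or (role := payload.get("role")) is None:
        status = constants.statuses["user"]["missingData"]
        return (
            jsonify(create_error(status, "Not enough data to change role")),
            constants.responses[status],
        )
    status = Storage.change_role(token, user_id, role)
    http_status = constants.responses[status]
    if status == constants.statuses["user"]["roleChanged"]:
        body = dict(status=status)
    elif status == constants.statuses["tokens"]["invalidToken"]:
        body = create_error(status, "Invalid admin access token")
    else:  # status == constants.statuses["user"]["requestNotAllowed"]
        body = create_error(status, "User is not allowed to do this request")
    return jsonify(body), http_status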