def wrapper(*args, **kwargs):
try:
if decode_token(request.args.get('token')).get('admin'):
return func(*args, **kwargs)
return create_error('User is not authorized!', 401)
except jwt.ExpiredSignatureError:
return create_error('Signature expired. Please log in again.', 401)
except jwt.InvalidTokenError:
return create_error('Invalid token. Please log in again.', 400)
def wrapper(*args, **kwargs):
try:
user_id = kwargs.get('user_id')
if user := User.query.filter_by(id=user_id).first():
decoded_user = decode_token(request.args.get('token'))
if user.id == user_id or decoded_user.get('admin'):
return func(*args, **kwargs)
return create_error('Invalid token. Please log in again!', 400)
return create_error('User not found!', 404)
def refresh_token():
if token := request.args.get('token'):
try:
decoded_token = decode_token(token)
user_id = decoded_token.get('id')
if user := User.query.filter_by(id=user_id).first():
decoded_key = decoded_token.get('key')
current_key = current_app.config.get(
'SECRET_KEY') + user.password
if bcrypt.checkpw(current_key.encode('utf8'),
decoded_key.encode('utf8')):
return {'token': generate_token(user)}
return create_error('Password changed!', 401)
return create_error('User not found!', 404)
def is_authenticated(func):
@wraps(func)
def wrapper(*args, **kwargs):
try:
user_id = kwargs.get('user_id')
if user := User.query.filter_by(id=user_id).first():
decoded_user = decode_token(request.args.get('token'))
if user.id == user_id or decoded_user.get('admin'):
return func(*args, **kwargs)
return create_error('Invalid token. Please log in again!', 400)
return create_error('User not found!', 404)
except jwt.ExpiredSignatureError:
return create_error('Signature expired. Please log in again.', 401)
def is_authenticated(func):
@wraps(func)
def wrapper(*args, **kwargs):
try:
user_id = kwargs.get('user_id')
if user := User.query.filter_by(id=user_id).first():
decoded_user = decode_token(request.args.get('token'))
if user.id == user_id or decoded_user.get('admin'):
return func(*args, **kwargs)
return create_error('Invalid token. Please log in again!', 400)
return create_error('User not found!', 404)
except jwt.ExpiredSignatureError:
return create_error('Signature expired. Please log in again.', 401)
except jwt.InvalidTokenError:
return create_error('Invalid token. Please log in again.', 400)
return wrapper
def is_authorized(func):
@wraps(func)
def wrapper(*args, **kwargs):
try:
if decode_token(request.args.get('token')).get('admin'):
return func(*args, **kwargs)
return create_error('User is not authorized!', 401)
except jwt.ExpiredSignatureError:
return create_error('Signature expired. Please log in again.', 401)
except jwt.InvalidTokenError:
def create_user():
if error := user_creation_schema.validate(request.json):
return create_error(error, 400)
from flask import Blueprint, jsonify, request
from .models import User
from .schemas import user_schema, users_schema, user_creation_schema
from banck.auth.decorators import is_authenticated, is_authorized
from banck.utils import create_error
users = Blueprint('users', __name__)
@users.route('/api/users/<int:user_id>', methods=['GET'])
@is_authenticated
def get_user(user_id):
if user := User.query.filter_by(id=user_id).first():
return user_schema.dump(user)
return create_error('User not found!', 404)
@users.route('/api/users', methods=['GET'])
@is_authorized
def get_users():
return jsonify(users_schema.dump(User.query.all()))
@users.route('/api/users', methods=['POST'])
def create_user():
if error := user_creation_schema.validate(request.json):
return create_error(error, 400)
user = User(
request.json.get('name'), request.json.get('last_name'),
def login():
if error := login_schema.validate(request.json):
return create_error(error, 400)
return create_error(error, 400)
email = request.json.get('email')
password = request.json.get('password')
if user := User.query.filter_by(email=email).first():
print(password.encode('utf8'))
print(user.password.encode('utf8'))
if bcrypt.checkpw(password.encode('utf8'),
user.password.encode('utf8')):
return {
'token': generate_token(user),
'refresh_token': generate_refresh_token(user)
}
return create_error('Incorrect password!', 403)
return create_error('User not found!', 404)
@auth.route('/auth/signup', methods=['POST'])
def signup():
if error := user_creation_schema.validate(request.json):
return create_error(error, 400)
user = User(
request.json.get('name'), request.json.get('last_name'),
request.json.get('email'),
bcrypt.hashpw(
request.json.get('password').encode('utf8'), bcrypt.gensalt()))
if user.exists():