async def refresh_token(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_identity()
ret = {
'access_token': AuthJWT.create_access_token(identity=current_user)
}
return ret
async def get_refresh_token(Authorize: AuthJWT = Depends()):
"""
Use refresh token to update access and refresh token
"""
Authorize.jwt_refresh_token_required()
raw_jwt = Authorize.get_raw_jwt()
return create_tokens(Authorize, **raw_jwt)
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
Authorize.set_access_cookies(new_access_token)
return {"refresh": "successful", "access_token": new_access_token}
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
Authorize.set_access_cookies(new_access_token)
return {"msg": "The token has been refresh"}
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_token = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(
subject=str(current_token))
# Set the JWT cookies in the response
Authorize.set_access_cookies(new_access_token)
return {"msg": "The token has been refresh"}
def refresh_token(Authorize: AuthJWT = Depends()):
"""
- Retreive current user using JWT token
"""
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_identity()
ret = {'access_token': AuthJWT.create_access_token(identity=current_user)}
return current_user
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_identity()
return {
'access_token':
Authorize.create_access_token(identity=current_user, fresh=False)
}
def refresh_revoke(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
# Store the tokens in redis with the value true for revoked.
# We can also set an expires time on these tokens in redis,
# so they will get automatically removed after they expire.
jti = Authorize.get_raw_jwt()['jti']
redis_conn.setex(jti, REFRESH_EXPIRES, 'true')
return {"msg": "Refresh token revoked"}
def auth_jwt_decode_refresh_token(
auth_jwt: AuthJWT = Depends(),
) -> JWTToken:
try:
auth_jwt.jwt_refresh_token_required()
payload = auth_jwt.get_raw_jwt()
return JWTRefreshToken(**payload)
except Exception:
raise UnauthorizedError(message="JWT Format Error")
async def get_refresh_token(db: Session = Depends(deps.get_db),
Authorize: AuthJWT = Depends()) -> dict:
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
return {
'access_token': new_access_token,
'token_type': 'bearer',
}
async def refresh_access_token(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
user_email = Authorize.get_jwt_subject()
user = await User.get_or_none(email=user_email).first()
if user is None:
raise HTTPException(403, "JWT subject not found")
return {"access_token": Authorize.create_access_token(subject=user_email)}
def refresh(Authorize: AuthJWT = Depends()):
"""
Refresh token endpoint. This will generate a new access token from
the refresh token, but will mark that access token as non-fresh,
as we do not actually verify a password in this endpoint.
"""
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
return {"access_token": new_access_token}
async def websocket_jwt_refresh_required(
websocket: WebSocket,
token: str = Query(...),
Authorize: AuthJWT = Depends()
):
await websocket.accept()
try:
Authorize.jwt_refresh_token_required("websocket",token=token)
await websocket.send_text("Successfully Login!")
except AuthJWTException as err:
await websocket.send_text(err.message)
await websocket.close()
def get_refresh_token(
current_user: User = Depends(get_current_user_with_refresh_token),
Authorize: AuthJWT = Depends(),
):
"""
Renew expired acces_token with refresh_token
"""
Authorize.jwt_refresh_token_required()
logging.info(f"refresh_token user find : {current_user}")
return generate_access_token_and_refresh_token_response(
user_id=current_user.id, is_superuser=current_user.is_superuser)
def auth_jwt_raw_refresh_token(
request: Request,
auth_jwt: AuthJWT = Depends(),
) -> str:
auth = request.headers.get(auth_jwt._header_name.lower())
if not auth:
auth_jwt._token = None
try:
auth_jwt.jwt_refresh_token_required()
return auth_jwt._token or ""
except Exception:
return ""
def refresh(Authorize: AuthJWT = Depends()):
"""
The jwt_refresh_token_required() function insures a valid refresh
token is present in the request before running any code below that function.
we can use the get_jwt_subject() function to get the subject of the refresh
token, and use the create_access_token() function again to make a new access token
"""
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
return {"access_token": new_access_token}
async def login(Authorization: AuthJWT = Depends()):
# add previous access jwt token to denylist
saved_token = redis_denylist.get('saved_token')
redis_denylist.setex(
Authorization.get_raw_jwt(saved_token)['jti'],
settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60, 'true')
Authorization.jwt_refresh_token_required()
# add previous refresh jwt token to denylist
redis_denylist.setex(Authorization.get_raw_jwt()['jti'],
settings.REFRESH_TOKER_EXPIRE_MINUTES * 60, 'true')
subject = Authorization.get_jwt_subject()
return create_token_pair(Authorization, subject)
async def refresh_tokens(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
jti = Authorize.get_raw_jwt()['jti']
access_token = Authorize.create_access_token(subject=current_user)
refresh_token = Authorize.create_refresh_token(subject=current_user)
if not DEBUG_LOGIN:
app.state.redis.revoke_tokens(jti)
app.state.redis.save_tokens(Authorize.get_jti(access_token), Authorize.get_jti(refresh_token))
return {"access_token": access_token, "refresh_token": refresh_token, "result": True}
def refresh(
Authorize: AuthJWT = Depends(),
db: Session = Depends(get_db),
):
Authorize.jwt_refresh_token_required()
user_id = Authorize.get_jwt_subject()
current_user = userCRUD.get(db, user_id)
if not current_user:
return HTTPException(404, "User with ID {} not found".format(user_id))
access_token = Authorize.create_access_token(subject=user_id,
user_claims={
"username":
current_user.username,
"email":
current_user.email,
})
return {"access_token": access_token}
async def get_active_user_from_cookie(request: Request,
db_session: Session = Depends(get_db),
Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
token = Authorize.get_raw_jwt()
# admin user
admin = token.get('admin', False)
if admin:
user = get_admin_user_by_email(db_session, token.get('sub'))
if user is None or not user.active:
raise CREDENTIALS_EXCEPTION
return user
filer = token.get('filer', False)
if filer:
user = get_filer_user_by_email(db_session, token.get('sub'))
if user is None or not user.active:
raise CREDENTIALS_EXCEPTION
return user
raise CREDENTIALS_EXCEPTION
async def refresh_token(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
user_id = Authorize.get_jwt_identity()
new_token = Authorize.create_access_token(identity=user_id,fresh=False)
return {"access_token": new_token}
def get_refresh_token(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
return Authorize.get_jwt_subject()
def refresh_revoke(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
jti = Authorize.get_raw_jwt()['jti']
denylist.add(jti)
return {"detail": "Refresh token has been revoke"}
def jwt_refresh_required(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
return {'hello': 'world'}
def update_user(user_id: int, user: User, Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
db.update_user_by_id(user_id, user)
new_access_token = Authorize.create_access_token(subject=user.email)
Authorize.set_access_cookies(new_access_token)
return {"detail": "User data updated"}
def jwt_refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
return {"hello": Authorize.get_jwt_subject()}
def refresh_revoke(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
jti = Authorize.get_raw_jwt()['jti']
blacklist.add(jti)
return {"msg": "Refresh token revoked"}
def get_headers_refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
return Authorize.get_unverified_jwt_headers()
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
return {"access_token": new_access_token}
async def refresh_token_revoke(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
jti = Authorize.get_raw_jwt()['jti']
conn_redis.setex(jti,REFRESH_EXPIRES,"true")
return {"message":"Refresh token revoked."}
