def get_token(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"access": access_token, "refresh": refresh_token}
def get_cookie(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject='test',fresh=True)
refresh_token = Authorize.create_refresh_token(subject='test')
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg":"Successfully login"}
async def get_login_response(
request: Request,
response: Response,
auth_jwt: AuthJWT,
parameters: AuthParams,
access_token: str,
refresh_token: str,
) -> Any:
if parameters.cookie:
if access_token:
auth_jwt.set_access_cookies(access_token, response)
if refresh_token:
auth_jwt.set_refresh_cookies(refresh_token, response)
if parameters.response_type == "json":
return schemas.StandardResponse(
schemas.AuthTokens(
access_token=access_token,
refresh_token=refresh_token,
token_type="bearer",
))
if parameters.response_type == "redirect":
redirect_url = parameters.redirect_url or str(get_base_url(request))
if set_redirect_response(response, redirect_url):
return None
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
def all_token_response(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
response = JSONResponse(content={"msg": "all token"})
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def login(
user: schemas.UserCreate,
db: Session = Depends(get_db),
Authorize: AuthJWT = Depends(),
):
crud.prune_blacklist(db)
_user = (db.query(models.User).filter(
models.User.username == user.username.casefold()).first())
if _user is not None and crud.verify_password(user.password,
_user.hashed_password):
# Create Tokens
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Assign cookies
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {
"login": "******",
"username": _user.username,
"access_token": access_token,
}
else:
raise HTTPException(status_code=400,
detail="Invalid Username or Password.")
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
Authorize.set_access_cookies(new_access_token)
return {"refresh": "successful", "access_token": new_access_token}
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_user = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(subject=current_user)
Authorize.set_access_cookies(new_access_token)
return {"msg": "The token has been refresh"}
def create_token_for_user(Authorize: AuthJWT, user_id: str) -> Dict:
response = RedirectResponse(
f'{Config["routes"]["client"]}/login_callback?user_id={user_id}')
access_token = Authorize.create_access_token(subject=user_id)
refresh_token = Authorize.create_refresh_token(subject=user_id)
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def refresh(Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
current_token = Authorize.get_jwt_subject()
new_access_token = Authorize.create_access_token(
subject=str(current_token))
# Set the JWT cookies in the response
Authorize.set_access_cookies(new_access_token)
return {"msg": "The token has been refresh"}
def create_access_and_refresh_tokens(user_id: str, Authorize: AuthJWT):
try:
access_token = Authorize.create_access_token(subject=user_id)
Authorize.set_access_cookies(access_token)
refresh_token = Authorize.create_refresh_token(subject=user_id)
Authorize.set_refresh_cookies(refresh_token)
except:
raise HTTPException(
status_code=500,
detail=f"Error while trying to create and refresh tokens")
def login(user: User, Authorize: AuthJWT = Depends()):
msg = password_check(user.password)
if len(msg) >= 1:
raise HTTPException(status_code=401,detail=msg)
# subject identifier for who this token is for example id or username from database
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg":"Successfully login"}
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# Create the tokens and passing to set_access_cookies or set_refresh_cookies
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
def login_for_access_token(form_data: User, authorize: AuthJWT = Depends()):
"""Check username and password and return a token"""
user = authenticate_user(users_db, form_data.username, form_data.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Incorrect username or password",
headers={"WWW-Authenticate": "Bearer"},
)
access_token = authorize.create_access_token(subject=form_data.username)
authorize.set_access_cookies(access_token)
return {"msg": "Successfully login"}
async def login_post(response: Response,
username=Form(...),
password=Form(...),
db=Depends(get_db),
Authorize: AuthJWT = Depends()):
user_vals = db.query(User).filter(User.username == username).first()
if user_vals is None:
return {"error": "user not found"}
if bcrypt.checkpw(password.encode(), user_vals.hashed_pword):
access_token = Authorize.create_access_token(subject=username)
Authorize.set_access_cookies(access_token)
return {'access_token': access_token}
else:
return 'incorrect password'
def user_login(credentials: Credentials,
Authorize: AuthJWT = Depends(),
db: Database = Depends(mysql_connection)):
Authorize.jwt_optional()
print(credentials)
if not db.is_user_registred(credentials.email, credentials.password):
raise HTTPException(status_code=401, detail="Bad credentials")
access_token = Authorize.create_access_token(subject=credentials.email)
refresh_token = Authorize.create_refresh_token(subject=credentials.email)
response = JSONResponse(
{"user_id": db.find_user_by_email(credentials.email)[0]})
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def login(user: User, Authorize: AuthJWT = Depends()):
"""
With authjwt_cookie_csrf_protect set to True, set_access_cookies() and
set_refresh_cookies() will now also set the non-httponly CSRF cookies
"""
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# Create the tokens and passing to set_access_cookies or set_refresh_cookies
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT and CSRF double submit cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
async def login(
self,
form: forms.LoginInput,
response: Response,
authorize: AuthJWT = Depends(),
) -> forms.LoginOutput:
"""Получение JWT токена для выполнения последующих операций"""
user = await models.User.get_or_none(email=form.email)
if (user is None) or (not utils.auth.check_password(form.password, user.password)):
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
access_token = authorize.create_access_token(
subject=user.email, expires_time=settings.expiration_token_time
)
authorize.set_access_cookies(access_token, response)
return forms.LoginOutput(token=access_token)
async def login(request: Request, user: Login, Authorize: AuthJWT = Depends()):
# """
# create access and refresh token and save it as
# httponly cookie
# """
# query = USER.select().where(USER.c.email == user.email)
# data = await database.fetch_one(query)
data = await UserSchema.get(user.email)
if data == None or user.email != data['email'] or user.password != data[
'password']:
raise HTTPException(status_code=401, detail="Bad username or password")
token = Authorize.create_access_token(subject=user.email)
refresh_token = Authorize.create_refresh_token(subject=user.email)
Authorize.set_access_cookies(token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
def all_token(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "all token"}
def get_token_from_email(account: AccountBasicLoginSchema,
Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=str(account.email))
Authorize.set_access_cookies(access_token)
def update_user(user_id: int, user: User, Authorize: AuthJWT = Depends()):
Authorize.jwt_refresh_token_required()
db.update_user_by_id(user_id, user)
new_access_token = Authorize.create_access_token(subject=user.email)
Authorize.set_access_cookies(new_access_token)
return {"detail": "User data updated"}
def access_token(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1)
Authorize.set_access_cookies(access_token)
return {"msg": "access token"}
