def secure_function(*args, **kwargs): id = get_jwt_identity() user = UserModel.find_user(get_jwt_identity( )) # get the identity from access tocken, here is user.id if user.userType <= userType: return func(*args, **kwargs) else: return f"No {userType} permissions for {user.username}."
def post(slef): id = get_jwt_identity() user = UserModel.find_user(get_jwt_identity( )) # get the identity from access tocken, here is user.id return { "message": f"get inside this post just after login and get a fresh token: {user.username}" }, 201
def get(self): id = get_jwt_identity() user = UserModel.find_user(get_jwt_identity( )) # get the identity from access tocken, here is user.id return { "message": f" get with Authentecation successfully: {user.username}" }, 201
def delete(slef): # this function just for Admin permations id = get_jwt_identity() user = UserModel.find_user(get_jwt_identity( )) # get the identity from access tocken, here is user.id return { "message": f"this function just for SuberAdmin permations: {user.username}" }, 201
def update_acc_verified(cls, token): active = UserModel.activate_account(token) if active: return { "status": 200, "message": "Account has been Activated successfully" } else: return { "status": 401, "message": "failed the Activation" }
def create_tables(): db.create_all() username = "******" email = "*****@*****.**" salt = str(os.urandom(32)) token = hashing_text(str(uuid.uuid4), salt) userType = 1 #SuberAdmin current_time = current_local_time() # check if username or email not exit. existUser = UserModel.find_user(username) if existUser is None: existUser = UserModel.find_user(email) if existUser is None: user = UserModel(_id=str(uuid.uuid4()), username=username, email=email, password=hashing_text("!QA1qa", salt), salt=salt, first_name="Ahmad", last_name="Alloush", birthday="1979-5-5", userType=userType, login_date=current_time, acc_verified=True, token=token) try: user.save_to_db() return {"message": "User created successfully."}, 201 except Exception as ex: return {"message": "Servir Error"}, 500
def read(self): user = UserModel.find_user(self.usernameOrEmail) if user is None: return {"status": 401, "message": "This user not exist"} success = verify_password(user.password, user.salt, self.password) if not success: return { "status": 401, "message": "username or password was wrong!, please try agian" } # check if user Activate his Account or not if user.acc_verified is False: return { "status": 401, "message": "please check your email and Activate your Account" } # identity= is what the identity() function did in securityJWT.py, now stored in the JWT access_token = create_access_token(identity=user.username, fresh=True) refresh_token = create_refresh_token(user.id) # Store the tokens in redis with a status of not currently revoked. We # can use the `get_jti()` method to get the unique identifier string for # each token. We can also set an expires time on these tokens in redis, # so they will get automatically removed after they expire. We will set # everything to be automatically removed shortly after the token expires access_jti = get_jti(encoded_token=access_token ) # get the curent id of the access Token refresh_jti = get_jti( encoded_token=refresh_token ) # get the curent id of the refresh access Token revoked_store.set("token_black_list:" + access_jti, 'false', timedelta(minutes=15) * 1.2) revoked_store.set("token_black_list:" + refresh_jti, 'false', timedelta(days=30) * 1.2) return { "status": 200, "message": "Login Success", "username": user.username, "email": user.email, 'access_token': access_token, 'refresh_token': refresh_token }
def add_claims_to_jwt(identity): user = UserModel.find_user(identity) return {"username": user.username, "email": user.email}
def create(self): if not valid_email(self.email): return {"status": 401, "message": "email is not valid"} # if valid return True, else retrun json valid_pass = valid_password(self.password) if not valid_pass: # if password not valid retrun error message with status: 401 return { "status": 401, "message": "password must be longer than 5 and less than 18,\ must contain at least one number, one uppercase letter, \ one lowercase letter, and one punctuation" } # check if username or email not exit. user = UserModel.find_user(self.username) if user is None: user = UserModel.find_user(self.email) if user is not None: return {"status": 400, "message": "this user is existing before"} salt = str(os.urandom(32)) token = str(hashing_text(str(uuid.uuid4), salt)) user = UserModel(_id=str(uuid.uuid4()), username=self.username, email=self.email, password=hashing_text(self.password, salt), salt=salt, first_name="", last_name="", birthday=self.birthday, userType=4, login_date=current_local_time(), acc_verified=False, token=token) try: user.save_to_db() check_user = UserModel.find_user(self.username) if check_user is not None: # the url of app lik: http://localhost:5000 link = request.url_root[:-1] + url_for("userconfirm", token=token) SenderEmail = EmailSender( user.email, "Activation account", "please click at the next link to Activing your account:</br>" + link) SenderEmail.send() return { "status": 200, "message": "Add user successfully, please check your email to Activate this account" } return { "status": 400, "message": "Something wrong!, please try again" } except Exception as ex: return { "status": 500, "message": "Something wrong!, please call the support, ERROR=" + str(ex) }
def identity(payload): user_id = payload['identity'] return User.find_by_id(user_id)
def authenticate(username, password): # it does not matter if passed username or email to this method user = User.find_user(username) # compare if password is right if user and verify_password(user.password, user.salt, password): return user