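def login_verify(self, request):
    """Verify user credentials and return a JWT identifying the user.

    Args:
        request: User information -> username and password.

    Returns:
        A LoginResponse carrying a JSON Web Token that identifies the user.

    Raises:
        endpoints.UnauthorizedException: If a credential is missing or no
            user matches the supplied username and password.
    """
    message = 'Not valid user credentials'

    # Reject missing or empty credentials before querying. An omitted field
    # would otherwise become an equality filter on None/'' and could match
    # a user whose stored password is unset.
    if not request.username or not request.password:
        raise endpoints.UnauthorizedException(message)

    # NOTE(review): the stored password is compared directly with the
    # submitted value, which suggests it is kept in a directly comparable
    # (possibly plaintext) form. Prefer a salted, slow password hash that is
    # verified after loading the user -- confirm how RankingUser.password
    # is written.
    entity = RankingUser.query(
        RankingUser.username == request.username,
        RankingUser.password == request.password).get()
    if entity is None:
        # Same message as for missing credentials, so the response does not
        # reveal which part of the login was wrong.
        raise endpoints.UnauthorizedException(message)

    # NOTE(review): the payload carries no `exp` claim, so the token itself
    # never expires; consider adding an expiry.
    encoded_jwt = jwt.encode(
        {'username': entity.username, 'email': entity.email},
        JWT_SECRET_KEY, algorithm='HS256')
    return LoginResponse(jwt=encoded_jwt)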
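def movies_get(self, request):
    """Return the details of a movie together with the users who voted on it.

    Args:
        request: Id of the movie.

    Returns:
        The movie's message, built with the list of users who voted.

    Raises:
        endpoints.NotFoundException: If no movie has the requested id.
    """
    # Authenticate the caller from the request's JWT before touching any data.
    self.validate_jwtoken(self.request_state)

    selected_movie = Movie.get_by_id(request.id)
    if selected_movie is None:
        message = 'No movie with the id "%s" exists.' % request.id
        raise endpoints.NotFoundException(message)

    vote_relations = MovieRankingUser.query(
        MovieRankingUser.movie == selected_movie.key).fetch()

    # NOTE(review): every authenticated caller receives this voter list;
    # confirm to_simpler_message() leaves out sensitive fields such as the
    # password.
    users_who_voted = []
    for relation in vote_relations:
        voter = RankingUser.query(RankingUser.key == relation.user).get()
        # The lookup returns None when no RankingUser has that key (e.g. a
        # vote left behind by a removed account). Skip it rather than fail
        # with AttributeError on None.
        if voter is not None:
            users_who_voted.append(voter.to_simpler_message())

    return selected_movie.to_message(users_who_voted=users_who_voted)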
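def validate_jwtoken(request_state):
    """Authenticate a request from the JWT in its Authorization header.

    Args:
        request_state: Request state exposing the HTTP headers via `.headers`.

    Returns:
        The RankingUser entity whose username and email match the token's
        claims.

    Raises:
        endpoints.UnauthorizedException: If the header is absent, the token
            fails verification, a required claim is missing, or no user
            matches the claims.
    """
    # NOTE(review): there is no `self` parameter although the caller uses
    # self.validate_jwtoken(...); presumably this is declared @staticmethod
    # outside this view -- confirm.
    auth_header = request_state.headers.get('authorization')
    if not auth_header:
        raise endpoints.UnauthorizedException("No authorization header.")

    # The token is the last space-separated field, so "<scheme> <token>" and
    # a bare token are both accepted; the scheme itself is not checked.
    auth_token = auth_header.split(' ').pop()

    try:
        # Pinning `algorithms` keeps the token's own header from choosing
        # the verification algorithm.
        payload = jwt.decode(auth_token, JWT_SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        raise endpoints.UnauthorizedException("Token validation failed.")

    # A correctly signed token that lacks a claim must be rejected as
    # unauthorized, not surface as an unhandled KeyError.
    try:
        username = payload['username']
        email = payload['email']
    except KeyError:
        raise endpoints.UnauthorizedException("Invalid User Authentication.")

    # Re-check the claims against the datastore so tokens for users that no
    # longer exist (or whose username/email changed) stop working.
    entity = RankingUser.query(
        RankingUser.username == username,
        RankingUser.email == email).get()
    if entity is None:
        raise endpoints.UnauthorizedException("Invalid User Authentication.")
    return entity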