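def post(self):
    """Log the caller out by blacklisting the presented auth token.

    The token is read from the ``Authorization`` header, expected in the
    form ``<scheme> <token>``. It is validated with
    ``User.decode_auth_token`` and, when accepted, stored as a
    ``BlacklistToken`` row.

    Returns:
        A ``(response, status)`` pair: 200 on success, 401 when
        ``decode_auth_token`` rejects the token, 403 when no usable token
        was supplied, 500 when the blacklist row could not be stored.
    """
    import logging

    auth_header = request.headers.get('Authorization')
    # A header with no space-separated token part (e.g. just "Bearer") used
    # to raise IndexError; treat it the same as a missing token.
    parts = auth_header.split(" ") if auth_header else []
    auth_token = parts[1] if len(parts) > 1 else ''

    if not auth_token:
        responseObject = {
            'status': 'fail',
            'message': 'Provide a valid auth token.'
        }
        return make_response(jsonify(responseObject)), 403

    resp = User.decode_auth_token(auth_token)
    if isinstance(resp, str):
        # This handler treats a str result as an error message from the
        # decoder and relays it to the client.
        responseObject = {'status': 'fail', 'message': resp}
        return make_response(jsonify(responseObject)), 401

    # Mark the token as blacklisted.
    blacklist_token = BlacklistToken(token=auth_token)
    try:
        db.session.add(blacklist_token)
        db.session.commit()
    except Exception:
        # The insert failed, so the token is NOT revoked: roll back, record
        # the failure (without logging the token itself) and report an error
        # status. The exception object is not echoed to the client: it is
        # not JSON-serializable and may disclose database internals.
        db.session.rollback()
        logging.getLogger(__name__).exception(
            'Failed to store blacklisted token; token remains valid')
        responseObject = {
            'status': 'fail',
            'message': 'Could not log out. Please try again.'
        }
        return make_response(jsonify(responseObject)), 500

    responseObject = {
        'status': 'success',
        'message': 'Successfully logged out.'
    }
    return make_response(jsonify(responseObject)), 200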
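def decorated(*args, **kwargs):
    """Authenticate the request, then call the wrapped view with the user.

    The token is taken from the ``Authorization`` header, decoded with
    ``User.decode_auth_token`` and resolved to a ``User`` by ``public_id``.
    The wrapped callable ``f`` receives that user as its first argument.

    Returns:
        The result of ``f(current_user, *args, **kwargs)``, or a
        ``(json, 401)`` pair when the token is missing, expired, invalid,
        or does not map to an existing user.
    """
    token = None
    if 'Authorization' in request.headers:
        # Drops the first seven characters (the length of "Bearer "); the
        # scheme name itself is not checked here.
        token = request.headers['Authorization'][7:]

    if not token:
        return jsonify({'message': 'Token is missing.'}), 401

    try:
        public_id = User.decode_auth_token(token)
    except jwt.ExpiredSignatureError:
        return jsonify(
            {'message': 'Token signature expired. Please log in again.'}), 401
    except jwt.InvalidTokenError:
        return jsonify({'message': 'Invalid token. Please log in again.'}), 401

    current_user = User.query.filter_by(public_id=public_id).first()
    if current_user is None:
        # A token can outlive its account (e.g. the user row was removed).
        # Never run the protected view with ``None`` as the current user.
        return jsonify({'message': 'Invalid token. Please log in again.'}), 401

    return f(current_user, *args, **kwargs)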
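def is_authorized():
    """Check the request's ``Authorization`` header and decode its token.

    The header is expected in the form ``<scheme> <token>``; the second
    space-separated field is passed to ``User.decode_auth_token``.

    Returns:
        ``(True, resp)`` where ``resp`` is whatever ``decode_auth_token``
        returned, or ``(False, message)`` when the header is missing, has no
        token part, the token part is empty, or decoding raised.
    """
    auth_header = request.headers.get('Authorization')
    if not auth_header:
        return False, _('Bad authentication. Please try again')

    parts = auth_header.split(" ")
    auth_token = parts[1] if len(parts) > 1 else ''
    if not auth_token:
        # Covers both "no token part" and an empty token part (for example
        # "Bearer " or a doubled space). The empty case was previously not
        # handled by any branch, so callers did not get a (bool, message)
        # pair back.
        return False, _('Bad authentication. Please try again')

    try:
        resp = User.decode_auth_token(auth_token)
    except Exception as e:
        # NOTE(review): the exception text is handed back to the caller;
        # confirm decode_auth_token only raises with client-safe messages.
        return False, str(e)
    return True, resp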
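def post(self):
    """Log the caller out by blacklisting the presented auth token.

    The token comes from ``extract_token()`` and is validated with
    ``User.decode_auth_token``. Its result is recorded on the new
    ``BlacklistToken`` row as ``user_update``.

    Returns:
        A ``(response, status)`` pair: ``OK`` on success, ``FORBIDDEN`` when
        the token is missing or fails to decode, ``INTERNAL_SERVER_ERROR``
        when the blacklist row could not be stored.
    """
    import logging

    auth_token = extract_token()
    if not auth_token:
        responseObject = ResponseJSON(_('Bad authentication. Please try again'))
        return make_response(jsonify(public_attr_to_dict(responseObject))), HTTPStatus.FORBIDDEN

    try:
        resp = User.decode_auth_token(auth_token)
    except Exception as e:
        # NOTE(review): the decoder's exception text is sent to the client;
        # confirm it only carries client-safe messages.
        responseObject = ResponseJSON(str(e))
        return make_response(jsonify(public_attr_to_dict(responseObject))), HTTPStatus.FORBIDDEN

    revoked = BlacklistToken(auth_token)
    revoked.user_update = resp
    try:
        db.session.add(revoked)
        db.session.commit()
    except Exception:
        # The insert failed, so the token is NOT revoked. Roll back so the
        # session is usable again, and record the failure (without the token
        # value) so a failed revocation is visible to operators.
        db.session.rollback()
        logging.getLogger(__name__).exception(
            'Failed to store blacklisted token; token remains valid')
        responseObject = ResponseJSON(_('Some error ocurred. Please try again.'))
        return make_response(jsonify(public_attr_to_dict(responseObject))), HTTPStatus.INTERNAL_SERVER_ERROR

    responseObject = ResponseJSON(_("Succesfully logged out."), True)
    return make_response(jsonify(public_attr_to_dict(responseObject))), HTTPStatus.OK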
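def get(self):
    """Return the profile of the user identified by the auth token.

    The token is read from the ``Authorization`` header, expected in the
    form ``<scheme> <token>``, and decoded with ``User.decode_auth_token``.
    A non-string result is used as the user's ``id``.

    Returns:
        A ``(response, status)`` pair: 200 with ``user_id``, ``email``,
        ``admin`` and ``registered_on`` on success; 401 when the header is
        malformed, the token is missing or rejected, or no user matches.
    """
    auth_header = request.headers.get('Authorization')
    if auth_header:
        try:
            auth_token = auth_header.split(" ")[1]
        except IndexError:
            responseObject = {
                'status': 'fail',
                'message': 'Bearer token malformed.'
            }
            return make_response(jsonify(responseObject)), 401
    else:
        auth_token = ''

    if not auth_token:
        responseObject = {
            'status': 'fail',
            'message': 'Provide a valid auth token.'
        }
        return make_response(jsonify(responseObject)), 401

    resp = User.decode_auth_token(auth_token)
    if isinstance(resp, str):
        # This handler treats a str result as an error message from the
        # decoder and relays it to the client.
        responseObject = {'status': 'fail', 'message': resp}
        return make_response(jsonify(responseObject)), 401

    user = User.query.filter_by(id=resp).first()
    if user is None:
        # A token can outlive its account. Without this guard the attribute
        # access below raised AttributeError on ``None``.
        responseObject = {
            'status': 'fail',
            'message': 'Provide a valid auth token.'
        }
        return make_response(jsonify(responseObject)), 401

    responseObject = {
        'status': 'success',
        'data': {
            'user_id': user.id,
            'email': user.email,
            'admin': user.admin,
            'registered_on': user.registered_on
        }
    }
    return make_response(jsonify(responseObject)), 200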