def login():
json_data = request.get_json()
username = json_data["username"]
password = json_data["password"]
user = guard.authenticate(username, password)
token = guard.encode_jwt_token(user)
return jsonify({"access_token": token})
def login():
req = request.get_json(force=True)
username = req.get('username', None)
password = req.get('password', None)
user = guard.authenticate(username, password)
ret = {'token': guard.encode_jwt_token(user), 'user':{'username': user.username, 'id': user.id}}
return jsonify(ret), 200
def post(self):
"""authenticates user"""
req = request.get_json(force=True)
username = req.get('username', None)
password = req.get('password', None)
user = guard.authenticate(username, password)
ret = {'access_token': guard.encode_jwt_token(user)}
return ret
def post(self):
"""Login and get a JWT to consume the data"""
from app import guard
req = flask.request.get_json(force=True)
username = req.get('username', None)
password = req.get('password', None)
user = guard.authenticate(username, password)
token = guard.encode_jwt_token(user)
return {'access_token': token}
def post(self):
# I can confidently access parsed_args based on @accepts criteria
# use request.parsed_obj for body
# use request.parsed_args for query params
username = request.parsed_obj["username"]
password = request.parsed_obj["password"]
user = guard.authenticate(username, password)
ret = {"access_token": guard.encode_jwt_token(user)}
return ret
def login():
req = request.get_json(force=True)
email = req.get('email', None)
password = req.get('password', None)
user = guard.authenticate(email, password)
print(f"User praetorian: {user}", file=sys.stderr)
if user is None or not user.check_password(password):
return {'access_token': None}, 401
token = guard.encode_jwt_token(user)
return {'access_token': token}, 200
def post(self):
post_data = request.get_json(force=True)
email = post_data.get("email", None)
password = post_data.get("password", None)
if not get_user_by_email(email):
auth_namespace.abort(404, "User does not exist")
user = guard.authenticate(email, password)
ret = {"access_token": guard.encode_jwt_token(user)}
return ret
def login():
"""
Logs a user in by parsing a POST request containing user credentials and
issuing a JWT token.
.. example::
$ curl http://localhost:5000/login -X POST \
-d '{"username":"******","password":"******"}'
"""
req = request.get_json(force=True)
username = req.get('username', None)
password = req.get('password', None)
user = guard.authenticate(username, password)
ret = {'access_token': guard.encode_jwt_token(user)}
return (jsonify(ret), 200)
def login():
"""
Logs a user in by parsing a POST request containing user credentials and
issuing a JWT token.
.. example::
$ curl http://localhost:5000/api/login -X POST \
-d '{"username":"******","password":"******"}'
"""
req = request.json
username = req.get('username', None)
password = req.get('password', None)
user = guard.authenticate(username, password)
ret = {'access_token': guard.encode_jwt_token(user)}
return ret, 200
def create_user():
data = request.get_json() or {}
if 'username' not in data or 'email' not in data or 'password' not in data:
return bad_request('must include username, email, and password fields')
if User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
if User.query.filter_by(email=data['email']).first():
return bad_request('please use a different email address')
user = User()
user.from_dict(data, new_user=True)
db.session.add(user)
db.session.commit()
new_user = guard.authenticate(data['username'], data['password'])
response = {'token': guard.encode_jwt_token(new_user), 'user':{'username': new_user.username, 'id': new_user.id}}
return jsonify(response), 200
def confirm_email(token):
confirm_serializer = URLSafeTimedSerializer(app.config['MAIL_SECRET_KEY'])
email = None
try:
email = confirm_serializer.loads(token,
salt=app.config['MAIL_SALT'],
max_age=86400) #604800 is 7 days
except SignatureExpired:
#TODO work with brad to see what he wants to do here.
print('The confirmation link has an expired signature.',
file=sys.stderr)
return {'access_token': None}, 400
# redirect(url_for('login'))
except BadTimeSignature:
#TODO work with brad to see what he wants to do here.
print('The token has expired.', file=sys.stderr)
return {'access_token': None}, 400
# redirect(url_for('login'))
else:
user = Users.query.filter_by(email=email).first()
print(f'Confirming email for {user.email}')
if user.email_confirmed:
print(f'User {user.email} has already confirmed his email',
file=sys.stderr)
else:
user.confirm_email()
print(f'Email has been successfully confirmed for {user.email}',
file=sys.stderr)
token = guard.encode_jwt_token(user)
return {'access_token': token}, 200
def post(self):
credentials = request.get_json(force=True)
user = guard.authenticate(**credentials)
token = guard.encode_jwt_token(user)
return jsonify({'idToken': token, 'expiresAt': 86400})
def get(self):
registration_token = guard.read_token_from_header()
user = guard.get_user_from_registration_token(registration_token)
# TODO: perform 'activation' of user here...like setting 'active' or something
ret = {'access_token': guard.encode_jwt_token(user)}
return ret, 200