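def get_auth():
    """Return the profile of the user identified by the request's auth token.

    The token is read from the ``Authorization`` header and passed to
    ``Users.decode_auth_token``. A ``str`` result from the decoder is treated
    as an error message and returned with 401; any other result is used as
    the key for ``Users.query.get``.

    Returns:
        A ``(response, status)`` pair: 200 with the user's fields on success,
        401 with an error message otherwise.
    """
    # A request without the header must yield 401; calling .split() on None
    # would raise AttributeError and surface as a 500.
    auth_header = request.headers.get('Authorization') or ''
    fields = auth_header.split(' ')
    auth_token = fields[0]
    # The first field of "Bearer <token>" is the scheme, not the credential.
    # Accept that form too; a bare token keeps working as before.
    if len(fields) == 2 and fields[0].lower() == 'bearer':
        auth_token = fields[1]
    if not auth_token:
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    # NOTE(review): revocation (e.g. a logged-out token) is not checked here;
    # presumably Users.decode_auth_token does it - confirm.
    decoded = Users.decode_auth_token(auth_token)
    if isinstance(decoded, str):
        # The decoder reports failures as a message string.
        return jsonify({'status': 'error', 'message': decoded}), 401

    user = Users.query.get(decoded)
    if user is None:
        # The token decoded, but no row matches its subject (for example the
        # account was deleted). Answer like any other unusable token.
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    payload = {
        'status': 'success',
        'data': {
            'user_id': user.id,
            'first_name': user.first_name,
            'last_name': user.last_name,
            'email': user.email,
            'registered_on': user.registered_on,
        },
    }
    return jsonify(payload), 200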
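def get_auth():
    """Return the extended profile of the user identified by the auth token.

    The token is read from the ``Authorization`` header and passed to
    ``Users.decode_auth_token``. A ``str`` result from the decoder is treated
    as an error message and returned with 401; any other result is used as
    the key for ``Users.query.get``.

    Returns:
        A ``(response, status)`` pair: 200 with the user's fields on success,
        401 with an error message otherwise.
    """
    # A request without the header must yield 401; calling .split() on None
    # would raise AttributeError and surface as a 500.
    auth_header = request.headers.get('Authorization') or ''
    fields = auth_header.split(' ')
    auth_token = fields[0]
    # The first field of "Bearer <token>" is the scheme, not the credential.
    # Accept that form too; a bare token keeps working as before.
    if len(fields) == 2 and fields[0].lower() == 'bearer':
        auth_token = fields[1]
    if not auth_token:
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    # NOTE(review): revocation (e.g. a logged-out token) is not checked here;
    # presumably Users.decode_auth_token does it - confirm.
    decoded = Users.decode_auth_token(auth_token)
    if isinstance(decoded, str):
        # The decoder reports failures as a message string.
        return jsonify({'status': 'error', 'message': decoded}), 401

    user = Users.query.get(decoded)
    if user is None:
        # The token decoded, but no row matches its subject (for example the
        # account was deleted). Answer like any other unusable token.
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 401

    # The response carries contact data (email, phone number). It is only
    # ever built from the record the token itself resolves to.
    payload = {
        'status': 'success',
        'data': {
            'user_id': user.id,
            'first_name': user.first_name,
            'last_name': user.last_name,
            'email': user.email,
            'instrument': user.instrument,
            'bio': user.bio,
            'instructor': user.instructor,
            'avatar': user.avatar,
            'phone_number': user.phone_number,
        },
    }
    return jsonify(payload), 200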
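def logout():
    """Blacklist the caller's auth token so it can no longer be used.

    The token is read from the ``Authorization`` header and validated with
    ``Users.decode_auth_token``. If the decoder does not return an error
    string, the token is stored as a ``BlacklistToken`` row and committed.

    Returns:
        A ``(response, status)`` pair: 200 once the token is blacklisted,
        401 when the decoder rejects it, 403 when no token was supplied.
    """
    # A request without the header must be rejected cleanly; calling .split()
    # on None would raise AttributeError and surface as a 500.
    auth_header = request.headers.get('Authorization') or ''
    fields = auth_header.split(' ')
    auth_token = fields[0]
    # The first field of "Bearer <token>" is the scheme, not the credential.
    # Accept that form too, so the value blacklisted below is the token
    # itself; a bare token keeps working as before.
    if len(fields) == 2 and fields[0].lower() == 'bearer':
        auth_token = fields[1]
    if not auth_token:
        # 403 (not 401) is kept for existing clients of this endpoint.
        return jsonify({'status': 'error', 'message': 'Invalid token.'}), 403

    decoded = Users.decode_auth_token(auth_token)
    if isinstance(decoded, str):
        # The decoder reports failures as a message string.
        return jsonify({'status': 'error', 'message': decoded}), 401

    # Only a token that decoded successfully is recorded, so arbitrary
    # header values cannot fill the blacklist table.
    db.session.add(BlacklistToken(token=auth_token))
    db.session.commit()
    return jsonify({'status': 'success', 'message': 'Logged out.'}), 200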
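def decorated(*args, **kwargs):
    """Call ``f`` only when the request carries a valid admin token.

    ``f`` is not defined in this block; presumably it is the view function
    captured by an enclosing decorator - confirm.

    The token is read from the ``x-access-token`` header and decoded with
    ``Users.decode_auth_token``; the result must expose ``'id'`` and
    ``'admin'`` entries.

    Returns:
        ``f(*args, **kwargs)`` for an admin token; otherwise a
        ``(response, status)`` pair with 401 (token missing or invalid) or
        403 (token valid, caller is not an admin).
    """
    token = request.headers.get('x-access-token')
    if not token:
        return jsonify({'message': 'Token is missing!'}), 401

    try:
        data = Users.decode_auth_token(token)
        # Both entries must be present; a decoder result of another shape
        # (for example an error string) fails here and is rejected below.
        data['id']
        is_admin = data['admin']
    except Exception:
        # Fail closed on any decoding problem. Unlike a bare ``except:``,
        # this lets SystemExit and KeyboardInterrupt propagate.
        return jsonify({'message': 'Token is invalid!'}), 401

    if not is_admin:
        return jsonify({'message': 'Cannot perform that function!'}), 403
    return f(*args, **kwargs)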
def test_decode_auth_token(self):
    """Encode a token for an admin user and pass it back through the decoder."""
    admin = Users(id=1, name='test_admin', password='******', admin=True)
    token = admin.encode_auth_token(admin)
    self.assertIsInstance(token, str)

    decoded = admin.decode_auth_token(token)
    # NOTE(review): this asserts on a two-element tuple, which is always
    # truthy, so the check can only fail if the decoder raises. The decoded
    # value should be compared with what the token is expected to carry -
    # confirm the decoder's return shape before tightening.
    self.assertTrue((decoded, token))