def login():
#check_password_hash(saved,input)
try:
username = request.json.get("username", None)
password = request.json.get("password", None)
client = MongoClient()
db = client.naft
user = db.users.find_one({"username": username})
if user is None:
return jsonify({"status": "error", "error": "User not found"}), 404
if (user['verified'] == "false"):
return jsonify({
"status": "error",
"error": "Email has not been verified"
}), 401
#if not check_password_hash(users[0]['password'],password):
if user['password'] != password:
return jsonify({
"status": "error",
"error": "Username/Password incorrect"
}), 401
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
resp = jsonify({"status": "OK"})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
except Exception as e:
return jsonify({"status": "error", "error": str(e)}), 409
def post(self):
data = _user_parser.parse_args()
user = UserModel.find_by_username(data["username"])
if user and safe_str_cmp(user.password, data["password"]):
access_token = create_access_token(identity=user.user_id,
fresh=True)
refresh_token = create_refresh_token(user.user_id)
resp = jsonify({
'login': True,
'status': 'Sucess',
'access_token': access_token,
'refresh_token': refresh_token,
'user_name': user.name,
'age': user.age,
'area': user.address
})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
#cookies=[ ('Set-Cookie', 'access_token=%s'.format(access_token)), ('Set-Cookie', 'refresh_token=%s'.format(refresh_token)),'Set-Cookie' ]
resp.headers['Authorization'] = str('Bearer ' + access_token)
print(resp)
return resp
return {"message": "Invalid credentials!"}, 401
def signin():
username = request.json.get('username', None)
password = request.json.get('password', None)
model = {'name': username, 'password': password}
if UserTb.isUnAuthUser(user=model):
return jsonify({"msg": "Bad username or password"}), 401
# Store the tokens in redis with a status of not currently revoked. We
# can use the `get_jti()` method to get the unique identifier string for
# each token. We can also set an expires time on these tokens in redis,
# so they will get automatically removed after they expire. We will set
# everything to be automatically removed shortly after the token expires
user = UserTb.getUser(user=model)
access_token = create_access_token(identity=user['id'], fresh=True)
refresh_token = create_refresh_token(identity=user['id'])
access_jti = get_jti(encoded_token=access_token)
refresh_jti = get_jti(encoded_token=refresh_token)
revoked_store.set(access_jti, 'false', ACCESS_EXPIRES * 1.2)
revoked_store.set(refresh_jti, 'false', REFRESH_EXPIRES * 1.2)
resp = jsonify({'signin': True})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 201
def authenticate(allow_refresh_token=False, existing_identity=None):
data = request.get_json()
username = data.get('email', data.get('username'))
password = data.get('password')
criterion = [username, password]
if not all(criterion):
return jsonify(error='username or password missing'), 400
identity = jwt_authenticate(username, password)
if not identity or (existing_identity and identity != existing_identity):
# For fresh login, credentials should match existing user
return jsonify(error='Invalid Credentials'), 401
remember_me = data.get('remember-me')
include_in_response = data.get('include-in-response')
add_refresh_token = allow_refresh_token and remember_me
expiry_time = timedelta(minutes=90) if add_refresh_token else None
access_token = create_access_token(identity.id,
fresh=True,
expires_delta=expiry_time)
response_data = {'access_token': access_token}
if add_refresh_token:
refresh_token = create_refresh_token(identity.id)
if include_in_response:
response_data['refresh_token'] = refresh_token
response = jsonify(response_data)
if add_refresh_token and not include_in_response:
set_refresh_cookies(response, refresh_token)
return response
def PUT(cls, request: Request, payload,
collection: Collection) -> Response:
''' Create a refresh token '''
identity = get_jwt_identity()
if not identity:
return JsonError(
'Could not refresh access token, failed to validate refresh token'
)
access_token, refresh_token = cls.update_stored_token(identity)
response = JsonResponse({
'_id':
str(identity['_id']),
'permissions':
identity['permissions'],
'session_expires':
datetime.now() +
timedelta(seconds=int(JWT_Settings.APP_JWT_LIFESPAN))
})
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
return response
def oauth2callback():
state = get_jwt_identity()
flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
CLIENT_SECRETS_FILE, scopes=SCOPES, state=state)
flow.redirect_uri = flask.url_for('auth_handler.oauth2callback',
_external=True,
_scheme=os.environ["SCHEME"])
authorization_response = flask.request.url
flow.fetch_token(authorization_response=authorization_response)
# save user info to mongodb
credentials = flow.credentials
user_info = get_user_info(credentials)
gid = user_info["id"]
apiid = save_user_mongo(user_info, credentials)
# save user info to redis
set_user_info_redis(gid, user_info, apiid)
# set JWT Cookie to know that the user of the google id is logged in
access_token = create_access_token(identity=gid)
refresh_token = create_refresh_token(identity=gid)
resp = make_response(flask.redirect(os.environ["RE_URL"] + "/dashboard/"))
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp
def login():
username = request.json.get('username', None)
print(username)
password = request.json.get('password', None)
org = request.json.get('organization', None)
# first verify user in database
if username not in {u.name: u for u in UserBusiness.find_all_users()}:
return jsonify({"msg": "Username is not exists!"}), 401
# then verify the user password
if UserBusiness.verify_password(org, username, password) is False:
return jsonify({"msg": "Bad password"}), 401
# user = UserBusiness.find_user_by_name(username)
if username != 'mysql' or password != '123456':
return jsonify({'login': False}), 401
ret = {
'access_token': create_access_token(identity=username),
'refresh_token': create_refresh_token(identity=username)
}
# Create the tokens we will be sending back to the user
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
# Set the JWT cookies in the response
resp = jsonify({'login': True})
print(ret['access_token'])
set_access_cookies(resp, access_token, 123456789)
set_refresh_cookies(resp, refresh_token)
print("done")
return jsonify(ret), 200
def login():
username = request.json.get('login', None)
password = request.json.get('password', None)
conn = sql3.connect('accounts.db')
c = conn.cursor()
t = (username, )
# Create the tokens we will be sending back to the user
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
# Set the JWTs and the CSRF double submit protection cookies
# in this response
c.execute('SELECT * FROM users WHERE User=?', t)
answers = c.fetchone()
if username == answers[0] and password == answers[0]:
conn.close()
resp = jsonify({'login': True})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
else:
conn.close()
return jsonify({'login': False}), 401
def login(self, db, admin, password):
cursor = db.cursor()
sql = '''
SELECT id, password FROM admin
WHERE admin_login = %s
'''
try:
cursor.execute(sql, (admin, ))
except OperationalError as e:
print(e)
return abort(500)
result = cursor.fetchone()
if not result:
return {'message': 'Admin not exist'}, 401
uid, password_hash = result
check = bcrypt.check_password_hash(password_hash.decode('UTF-8'),
password)
if not check:
return {'message': 'incorrect admin/password combination'}, 401
access_token = create_access_token(identity={
'id': uid,
'role': 'admin'
})
refresh_token = create_refresh_token(identity={
'id': uid,
'role': 'admin'
})
resp_body = {'message': f'admin {admin} ' f'logged in successfully'}
resp = jsonify(resp_body)
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp
def post(self):
body = request.get_json()
username = body.get('username').lower()
try:
user = User.objects.get(username=username)
# Checking if users password is correct
authorized = user.check_password(body.get('password'))
if not authorized:
resp = make_response(
{
"error": "Username or password invalid",
"logged_in": False
}, 401)
return resp
access_token = create_access_token(identity=str(user.username))
refresh_token = create_refresh_token(identity=str(user.username))
resp_user = user.generate_return_object()
resp = make_response(resp_user, 201)
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp
except User.DoesNotExist:
resp = make_response({"logged_in": False}, 403)
return resp
def post(self):
json_data = _user_parser.parse_args()
username = json_data.get("username")
current_user = UserModel.find_user_by_username(username)
if not current_user:
return {"message": f"User {username} doesn't exist"}
if current_user.check_password(json_data.get("password")):
access_token = create_access_token(identity=username,
expires_delta=False)
refresh_token = create_refresh_token(identity=username)
response = jsonify({
"login": True,
"access_token": access_token,
"refresh_token": refresh_token,
})
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
current_user.save_to_db(save_time_for="login")
return response
else:
return {"message": "Provided invalid credentials"}, 401
def post(self):
json_data = _user_parser.parse_args()
if UserModel.find_user_by_username(json_data["username"]):
return {"message": "User with this username already exists"}, 400
user = UserModel(**json_data)
try:
access_token = create_access_token(identity=json_data['username'],
expires_delta=False)
refresh_token = create_refresh_token(
identity=json_data['username'])
user.save_to_db(save_time_for="login")
response = jsonify({
"register": True,
"access_token": access_token,
"refresh_token": refresh_token,
})
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
return response
except:
return {"message": "Something went wrong"}, 500
def post(cls):
try:
user_data = user_schema.load(request.get_json(),
partial=("email", ))
except ValidationError:
username = request.form["username"]
password = request.form["password"]
user_data = user_schema.load(
{
"username": username,
"password": password
},
partial=("email", ))
user = UserModel.find_by_username(user_data.username)
# this is what the `authenticate()` function did in security.py
if user and safe_str_cmp(user.password, user_data.password):
confirmation = user.most_recent_confirmation
if not confirmation.confirmed:
return {"message": gettext("user_not_yet_activated")}, 400
access_token = create_access_token(identity=user.id, fresh=True)
refresh_token = create_refresh_token(user.id)
resp = make_response(redirect("/login/success", code=302))
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp
return redirect("/login/fail", code=401)
def token_login():
username = request.json.get('username', None)
password = request.json.get('password', None)
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
if not username:
return jsonify({"msg": "Missing username parameter"}), 400
if not password:
return jsonify({"msg": "Missing password parameter"}), 400
user = User.query.filter_by(username=username).first()
if user:
if not user.check_password(password):
return jsonify({"msg": "Bad username or password"}), 401
else:
return jsonify({"msg": "Bad username"}), 401
# Create the tokens we will be sending back to the user
access_token = create_access_token(identity=username)
refresh_token = create_refresh_token(identity=username)
# Set the JWTs and the CSRF double submit protection cookies
# in this response
resp = jsonify({'login': True})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
def post(cls):
user_json = request.get_json()
user_data = user_schema.load(user_json)
user = UserModel.find_by_username(user_json['username'])
if user and user.check_password(user_json['password']):
access_token = create_access_token(identity=user.id, fresh=True)
refresh_token = create_refresh_token(user.id)
access_decoded_token = decode_token(access_token)
entry = {
"jti": access_decoded_token["jti"],
"token_type": 'access',
"fresh": True,
"blacklisted": False,
"never_expire": False,
}
data = token_schema.load(entry)
data.user_id = user.id
data.expiration_date = datetime.fromtimestamp(
access_decoded_token['exp'])
data.save_to_db()
resp = jsonify({
"message": "Successfully logged in!",
"login": True
})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
return {"message": INVALID_CREDENTIALS, 'login': False}, 401
def login():
title = 'login'
form = LoginForm()
if request.method == 'GET':
return render_template('auth/login.html', title=title, form=form)
email = request.form.get('email')
password = request.form.get('password')
user = User.query.filter_by(email=email).first()
# check if user actually exists
# take the user supplied password, hash it, and compare it to the hashed password in DB
if not user or not check_password_hash(user.password, password):
flash('Please check your login details and try again.')
return redirect(url_for('auth.login'))
# it the abobe check passes, then we know the user has the right credentials
resp = make_response(redirect(url_for('home.home_page')))
# Create the tokens we will be sending back to the user
access_token = create_access_token(identity=email)
refresh_token = create_refresh_token(identity=email)
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
login_user(user)
session['username'] = current_user.username
return resp
def post(self):
req_body, email, password = None, None, None
try:
req_body = request.get_json()
email = req_body['email']
password = req_body['password']
except Exception:
data = {"message": "Please login with your email and password"}
return custom_json_response(data, 400)
user = User.authenticate(email, password)
if user:
access_token = create_access_token(
identity={"id": user.id}, expires_delta=timedelta(days=30))
refresh_token = create_refresh_token(
identity={"id": user.id}, expires_delta=timedelta(days=30))
response = custom_json_response(
{
"message": "Authenticated",
'user': user_schema.dump(user)
}, 200)
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
return response
else:
data = {"message": "Incorrect username or password."}
return custom_json_response(data, 401)
def graphql_server():
# GraphQL queries are always sent as POST
data = request.get_json()
print(data)
# Note: Passing the request to the context is optional.
# In Flask, the current request is always accessible as flask.request
# if the cookie contains "access_token_cookie" and "refresh_token_cookie"
# set those tokens to tokens global variable
# this way we can make sure every has token
if request.cookies:
set_tokens(request.cookies)
try:
success, result = graphql_sync(
schema,
data,
context_value=request,
debug=app.debug
)
except Exception as e:
return {
"message": "Something went wrong."
}, 500
tokens = get_tokens()
result = jsonify(result)
if tokens:
set_access_cookies(result, tokens["access_token_cookie"])
set_refresh_cookies(result, tokens["refresh_token_cookie"])
else:
unset_access_cookies(result)
unset_refresh_cookies(result)
status_code = 200 if success else 400
return result, status_code
def post(self):
json_data = request.get_json()
try:
data = login_schema.load(json_data)
except ma.ValidationError as err:
return {'msg': '400 Bad Request', 'errors': err.messages}, 400
email = data.get('email')
password = data.get('password')
user = User.get_by_email(email)
if user and user.check_password(password):
if not user.is_activated:
return {'msg': 'Activeer je account'}, 403
access_token = jwt.create_access_token(identity=user.id)
refresh_token = jwt.create_refresh_token(identity=user.id)
response = jsonify({
'success':
True,
'a-csrf-token':
jwt.get_csrf_token(access_token),
'r-csrf-token':
jwt.get_csrf_token(refresh_token)
})
jwt.set_access_cookies(response, access_token)
jwt.set_refresh_cookies(response, refresh_token)
return response
return {'msg': 'Fout e-mailadres of wachtwoord'}, 401
def POST(cls, request: Request, payload,
collection: Collection) -> Response:
''' Attempt to log in for a specified user '''
user = collection.find_one({'username': payload.get('username')})
if not user:
return JsonError(f"User [{payload.get('username')}] not found",
404)
if not sha256.verify(payload.get('password'), user['password']):
return JsonError("Incorrect Password", 400)
permissions = user.get('permissions')
if isinstance(permissions, str): permissions = [permissions]
identity = {
'username': user['username'],
'_id': str(user['_id']),
'permissions': permissions
}
access_token, refresh_token = cls.update_stored_token(identity)
response = JsonResponse({
'_id':
str(user['_id']),
'permissions':
permissions,
'session_expires':
datetime.now() +
timedelta(seconds=int(JWT_Settings.APP_JWT_LIFESPAN))
})
set_access_cookies(response, access_token)
set_refresh_cookies(response, refresh_token)
return response
def auth_user():
''' auth endpoint '''
data = validate_user(request.get_json())
if data['ok']:
data = data['data']
user = User.query.filter(User.username == data['username']).first()
if user and user.check_password(data['password']):
access_token = create_access_token(identity=user.username)
refresh_token = create_refresh_token(identity=user.username)
user.token = access_token
user.refresh = refresh_token
db.session.flush()
db.session.commit()
resp = jsonify({'ok': True})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
else:
return jsonify({
'ok': False,
'message': 'invalid username or password'
}), 401
else:
return jsonify({
'ok':
False,
'message':
'Bad request parameters: {}'.format(data['message'])
}), 400
def signup():
data = request.get_json() or {}
if 'email' not in data or 'password' not in data:
raise BadRequest('must include email and password fields')
if User.query.filter_by(email=data['email']).first():
raise BadRequest('please use a different email address')
new_user = User(data['email'].lower(), data['password'])
db.session.add(new_user)
db.session.commit()
token = new_user.generate_confirmation_token()
confirmation_url = f'http://{current_app.config["CLIENT_BASE_URL"]}/auth/confirm/{token}'
send_email(new_user.email,
'Confirm Your Account',
'email/confirm',
user=new_user,
url=confirmation_url)
refresh_token = create_refresh_token(identity=new_user)
# Add Refresh Token to Blacklist with status not revoked
blacklisted_token = TokenBlacklist(
refresh_token, current_app.config['JWT_IDENTITY_CLAIM'])
db.session.add(blacklisted_token)
db.session.commit()
response_data = {
'access_token':
create_access_token(identity=new_user,
expires_delta=datetime.timedelta(minutes=15))
}
response = jsonify(response_data)
set_refresh_cookies(response, refresh_token)
return response, 201
def postlogin():
try:
email = request.json["email"]
password = request.json["password"]
user = Player.get_or_none(Player.email == email)
if not user:
return jsonify({
"status": "not found",
})
if check_password_hash(user.password_hash, password):
access_token = flask_jwt_extended.create_access_token(identity=user.id)
refresh_token = flask_jwt_extended.create_refresh_token(identity=user.id)
response = jsonify({"status": "ok"})
flask_jwt_extended.set_access_cookies(response, access_token)
flask_jwt_extended.set_refresh_cookies(response, refresh_token)
return response
return jsonify({
"status": "password incorrect"
})
except Exception as e:
raise
print(f"An error occurred: {e}")
return jsonify({
"status": "server error"
})
def login():
if current_user:
return redirect("/")
form = LoginForm()
title = _("Login")
if form.validate_on_submit():
user_data = form.data.copy()
for field in ("submit", "csrf_token"):
user_data.pop(field)
response = ApiPost.make_request("login", json=user_data)
if response.status_code == 200:
resp = make_response(redirect("/"))
access_token, refresh_token = (response.json()[field] for field in ("access_token", "refresh_token"))
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp
error = response.json()["error"]
code = error["code"]
if errors.InvalidRequestError.sub_code_match(code):
fields = error["fields"]
for field in fields:
if field in form:
form[field].errors += fields[field]
elif errors.UserNotFoundError.sub_code_match(code):
flash(_("User not found."), "danger")
elif errors.WrongCredentialsError.sub_code_match(code):
flash(_("Wrong password."), "danger")
else:
flash(INTERNAL_ERROR_MSG, "danger")
return render_template("login.html", title=title, form=form)
def login():
try:
payload = request.json
email = payload["email"]
pw = payload["password"].encode("utf-8")
user = UserModel.getUserForEmail(email)
if user is None:
raise(UnauthorizedError)
validated = user.login(pw)
if validated:
accessToken = create_access_token(identity = user.id)
refreshToken = create_refresh_token(identity = user.id)
response = jsonify({"success": True, "msg": "sucessfully logged in", "firstName": user.firstName})
set_access_cookies(response, accessToken)
set_refresh_cookies(response, refreshToken)
return response, 200
else:
raise(UnauthorizedError)
except UnauthorizedError:
raise UnauthorizedError
except Exception as e:
raise InternalServerError(e)
def assign_access_refresh_tokens(user_id, url):
access_token = create_access_token(identity=str(user_id), fresh=True)
refresh_token = create_refresh_token(identity=str(user_id))
resp = make_response(redirect(url, 302))
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp
def login():
username = request.json.get('username', None)
password = request.json.get('password', None)
try:
user = Account.objects(name=username)[0]
except Exception as error:
return jsonify({'login': False}), 401
if not (argon2.verify(password, user.passwd)):
return jsonify({'login': False}), 401
# Create the tokens we will be sending back to the user
time_limit = timedelta(minutes=10) # set limit for user
access_token = create_access_token(identity={
"username": user.name,
"role": user.role
},
expires_delta=time_limit,
fresh=True)
time_limit = timedelta(hours=2)
refresh_token = create_refresh_token(identity={
"username": user.name,
"role": user.role
},
expires_delta=time_limit)
# Set the JWT cookies in the response
resp = jsonify({'login': True, 'next-page': url_for("game.start_game")})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
def login():
if current_user:
return redirect(url_for('feed.news'))
if request.method == 'GET':
return render_template('user/login.html', form=forms.LoginForm())
email_or_username = request.form['email_or_username']
token_or_password = request.form['token_or_password']
user = models.User.query.filter_by(email=email_or_username).first()
if not user:
user = models.User.query.filter_by(username=email_or_username).first()
login_success = False
if not user:
app.logger.info("User not found: %s", email_or_username)
else:
if user.verify_totp(token_or_password):
app.logger.info("Login success token: %s", email_or_username)
login_success = True
if user.verify_password(token_or_password):
app.logger.info("Login success password: %s", email_or_username)
login_success = True
if login_success:
response = redirect(url_for('feed.news'))
set_access_cookies(response, create_access_token(identity=user.email))
set_refresh_cookies(response,
create_refresh_token(identity=user.email))
return response
else:
flash("Incorrect email or password or one-time token")
return redirect(url_for('user.login'))
def post(self):
content = request.data
if content is None:
return render_template('login.html')
my_json = content.decode('utf8').replace("'", '"')
data = json.loads(my_json)
if data["Login"] is None or data["Password"] is None:
return render_template('login.html')
info = check_login(data)
if info:
js = {
"UserId": info[0],
"FirstName": info[1],
"LastName": info[2],
"Email": info[3],
"Login": info[4],
"Password": info[5],
}
access_token = create_access_token(identity=js)
refresh_token = create_refresh_token(identity=js)
# Set the JWT access cookie in the response
resp = jsonify({'login': True})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
return redirect(url_for('userlogin'))
def login():
body = request.get_json()
if body is None:
return jsonify({'message': 'Invalid username and password'}), 401
username = body.get('username', None)
password = body.get('password', None)
if username == '':
return jsonify({'message': 'Username can not be blank'}), 401
if password == '':
return jsonify({'message': 'Password can not be blank'}), 401
# Create the tokens we will be sending back to the user
nor_username = username.strip().lower()
try:
user = User.objects.get(username=nor_username)
except errors.DoesNotExist:
return jsonify({'message': 'username or password is not match'}), 401
if user.check_password(password) is False:
return jsonify({'message': 'username or password is not match'}), 401
user = JWTUser(str(user.id), user.role)
expires = datetime.timedelta(days=7)
access_token = create_access_token(identity=user, expires_delta=expires)
refresh_token = create_refresh_token(identity=user)
# Set the JWT cookies in the response
resp = jsonify({'login': '******'})
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
def post(self):
"""Authenticates and generates a token"""
schema = TokenSchema()
data, errors = schema.load(current_app.api.payload)
if errors:
return errors, 400
try:
user = User.get(email=data.email)
except User.DoesNotExist:
abort(403, 'No such user, or wrong password')
if not user or not user.active:
abort(403, 'No such user, or wrong password')
if not verify_password(data.password, user.password):
abort(403, 'No such user, or wrong password')
access_token = create_access_token(identity=user.email)
refresh_token = create_refresh_token(identity=user.email)
access_expire = current_app.config['JWT_ACCESS_TOKEN_EXPIRES']
refresh_expire = current_app.config['JWT_REFRESH_TOKEN_EXPIRES']
resp = jsonify(
{
'access': access_token,
'refresh': refresh_token,
'accessExpire': int(access_expire.total_seconds()),
'refreshExpire': int(refresh_expire.total_seconds()),
}
)
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
refresh_path = current_app.config['JWT_REFRESH_COOKIE_PATH']
refresh_secure = current_app.config['JWT_COOKIE_SECURE']
refresh_expire_date = datetime.now() + refresh_expire
resp.set_cookie(
'refresh_expire',
value=str(refresh_expire_date),
expires=refresh_expire_date,
path=refresh_path,
httponly=True,
secure=refresh_secure,
)
return resp
