Support lifetime methods on accesstokens

Ferdinand Thiessen 2020-08-25 04:31:34 +02:00
parent 32066b1005
commit 5f408bfd3c
1 changed files with 51 additions and 2 deletions


@ -33,13 +33,13 @@ def _logout(**kwargs):
logger.debug("accesstoken is {{ {} }}".format(accToken)) logger.debug("accesstoken is {{ {} }}".format(accToken))
logger.debug("delete accesstoken") logger.debug("delete accesstoken")
accesTokenController.deleteAccessToken(accToken) accesTokenController.deleteAccessToken(accToken)
accesTokenController.clearExpired()
logger.info("return ok logout user") logger.info("return ok logout user")
return jsonify({"ok": "ok"}) return jsonify({"ok": "ok"})
except Exception as err: except Exception as err:
logger.warning("exception in logout user.", exc_info=True) logger.warning("exception in logout user.", exc_info=True)
return jsonify({"error": str(err)}), 500 return jsonify({"error": str(err)}), 500
@auth_bp.route("/login", methods=['POST']) @auth_bp.route("/login", methods=['POST'])
def _login(): def _login():
""" Login User """ Login User
@ -65,7 +65,7 @@ def _login():
logger.debug("accesstoken is {{ {} }}".format(token)) logger.debug("accesstoken is {{ {} }}".format(token))
logger.debug("validate accesstoken") logger.debug("validate accesstoken")
dic = user.toJSON() dic = user.toJSON()
dic["token"] = token dic["accessToken"] = token
logger.info("User {{ {} }} success login.".format(username)) logger.info("User {{ {} }} success login.".format(username))
logger.debug("return login {{ {} }}".format(dic)) logger.debug("return login {{ {} }}".format(dic))
return jsonify(dic) return jsonify(dic)
@ -75,3 +75,52 @@ def _login():
except Exception as err: except Exception as err:
logger.error("exception in login.", exc_info=True) logger.error("exception in login.", exc_info=True)
return jsonify({"error": "permission denied"}), 401 return jsonify({"error": "permission denied"}), 401
@auth_bp.route("/user/getAccessTokens", methods=['GET', 'POST'])
@login_required()
def _getAccessTokens(**kwargs):
try:
if request.method == 'POST':
data = request.get_json()
accesTokenController.deleteAccessToken(accToken)
delAccToken = AccessToken(data['id'], kwargs['accToken'].user, None, None, None)
accesTokenController.deleteAccessToken(delAccToken)
tokens = accesTokenController.getAccessTokensFromUser(kwargs['accToken'].user)
r = [t.toJSON() for t in tokens]
logger.debug("return {{ {} }}".format(r))
return jsonify(r)
except Exception as err:
logger.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@auth_bp.route("/getLifetime", methods=['GET'])
@login_required()
def _getLifeTime(**kwargs):
try:
logger.debug("get lifetime of accesstoken")
accToken = kwargs['accToken']
logger.debug("accessToken is {{ {} }}".format(accToken))
return jsonify({"value": accToken.lifetime})
except Exception as err:
logger.warning("exception in get lifetime of accesstoken.", exc_info=True)
return jsonify({"error": str(err)}), 500
@auth_bp.route("/setLifetime", methods=['POST'])
@login_required()
def _saveLifeTime(**kwargs):
try:
accToken = kwargs['accToken']
logger.debug("save lifetime for accessToken {{ {} }}".format(accToken))
data = request.get_json()
lifetime = data['value']
logger.debug("lifetime is {{ {} }}".format(lifetime))
logger.info("set lifetime {{ {} }} to accesstoken {{ {} }}".format(
lifetime, accToken))
accToken.lifetime = lifetime
logger.info("update accesstoken timestamp")
accToken = accesTokenController.updateAccessToken(accToken)
return jsonify({"value": accToken.lifetime })
except Exception as err:
logger.warning(
"exception in save lifetime for accesstoken.", exc_info=True)
return jsonify({"error": str(err)}), 500
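Review bot: `_saveLifeTime` assigns `data['value']` to `accToken.lifetime` without checking its type or range, so any logged-in client can give its own token an arbitrarily long (or non-numeric) lifetime, and expiry no longer limits how long a leaked token stays usable. Validate before the assignment, e.g. `if not isinstance(lifetime, int) or not 0 < lifetime <= MAX_LIFETIME: return jsonify({"error": "invalid lifetime"}), 400`, where `MAX_LIFETIME` is a placeholder for a server-side limit this page does not define. In `_getAccessTokens`, the POST branch first calls `accesTokenController.deleteAccessToken(accToken)`, but `accToken` is not bound in that function as shown, so the request would presumably raise and return a 500 before the intended delete of `delAccToken` runs. That line looks like a leftover and can be dropped. The new handlers also return `str(err)` to the client and format the whole token object into debug/info log lines; a generic error message and a token id would expose less.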