
Commit 4c24f50

authored
Merge pull request #6 from ncsyvn/feature/auth_service
Disable black list token validate, add api validate token
2 parents 5bc9fe7 + 57ef590 commit 4c24f50


2 files changed

+31
-25
lines changed


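--- a/auth_service/auth_app/api/v1/auth.py
+++ b/auth_service/auth_app/api/v1/auth.py
@@ -8,22 +8,13 @@
 from auth_app.utils import logged_input, get_timestamp_now
 from auth_app.validator import SignupBodyValidation, LoginBodyValidation, UserSchema
 from auth_app.models import User, Token
-from auth_app.extensions import db
+from auth_app.extensions import db, jwt
+from flask_jwt_extended import verify_jwt_in_request
 
 ACCESS_EXPIRES = timedelta(days=1)
 REFRESH_EXPIRES = timedelta(days=5)
 api = Blueprint('auth', __name__)
 
-# Message_ID variable
-NEW_OTP_SENT = '301'
-WRONG_OTP = '305'
-OTP_EXPIRED = '306'
-PHONE_DOES_NOT_EXISTS = '307'
-WRONG_PHONE_PASSWORD = '308'
-INCORRECT_EMAIL_PASSWORD = "396"
-INACTIVE_ACCOUNT_ERROR = "414"
-SESSION_EXPIRED = '343'
-
 
 
 @api.route('/signup', methods=['POST'])
 def signup():
@@ -41,7 +32,7 @@ def signup():
 try:
 json_req = request.get_json()
 except Exception as ex:
-return send_error(message="Request Body incorrect json format: " + str(ex), code=442)
+return send_error(message='Request Body incorrect json format: ' + str(ex), code=442)
 
 # Log request api
 logged_input(json.dumps(json_req))
@@ -59,13 +50,13 @@ def signup():
 # validate request body
 is_not_validate = SignupBodyValidation().validate(json_body) # Dictionary show detail error fields
 if is_not_validate:
-return send_error(data=is_not_validate, message="Invalid parameters")
+return send_error(data=is_not_validate, message='Invalid parameters')
 
-email = json_body.get("email")
-password = json_body.get("password")
+email = json_body.get('email')
+password = json_body.get('password')
 duplicated_user = User.query.filter(User.email == email).first()
 if duplicated_user:
-return send_error(message="User existed")
+return send_error(message='User existed')
 
 created_date = get_timestamp_now()
 _id = str(uuid.uuid4())
@@ -75,7 +66,7 @@ def signup():
 db.session.commit()
 
 data = {
-"user_id": _id
+'user_id': _id
 }
 
 return send_result(data=data)
@@ -102,7 +93,7 @@ def login():
 try:
 json_req = request.get_json()
 except Exception as ex:
-return send_error(message="Request Body incorrect json format: " + str(ex), code=442)
+return send_error(message='Request Body incorrect json format: ' + str(ex), code=442)
 
 logged_input(json.dumps(json_req))
 if json_req is None:
@@ -116,15 +107,15 @@ def login():
 # validate request body
 is_not_validate = LoginBodyValidation().validate(json_body) # Dictionary show detail error fields
 if is_not_validate:
-return send_error(data=is_not_validate, message="Invalid params")
+return send_error(data=is_not_validate, message='Invalid params')
 
 # Check username and password
-email = json_body.get("email")
-password = json_body.get("password")
+email = json_body.get('email')
+password = json_body.get('password')
 
 user = User.query.filter(User.email == email).first()
 if user is None or (password and not check_password_hash(user.password_hash, password)):
-return send_error(message="Login failed")
+return send_error(message='Login failed')
 
 access_token = create_access_token(identity=user.id, expires_delta=ACCESS_EXPIRES)
 refresh_token = create_refresh_token(identity=user.id, expires_delta=REFRESH_EXPIRES)
@@ -137,4 +128,19 @@ def login():
 data.setdefault('access_token', access_token)
 data.setdefault('refresh_token', refresh_token)
 
-return send_result(data=data, message="Logged in successfully!")
+return send_result(data=data, message='Logged in successfully!')
+
+
+@api.route('/tokens/validate', methods=['GET'])
+def validate_token():
+"""
+Validate access_token api
+
+Requests Header:
+Authorization: string, require
+
+Returns:
+validate or not
+"""
+verify_jwt_in_request()
+return send_result(message='Token valid')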
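Review bot: In the `login` hunk (new line 117) the hash comparison runs only when `password` is truthy, so a request with an empty or absent password passes the credential check for an existing email unless `LoginBodyValidation` rejects it, and that validator is not visible here. The check should not depend on the input being non-empty: `if user is None or not password or not check_password_hash(user.password_hash, password):`. Separately, `logged_input(json.dumps(json_req))` in both `signup` and `login` appears to log the raw request body, password included; that field should be dropped or masked before logging. Both functions start and end outside the hunks shown, so earlier guards may exist that this page does not show.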

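--- a/auth_service/auth_app/settings.py
+++ b/auth_service/auth_app/settings.py
@@ -23,7 +23,7 @@ class ProdConfig(Config):
 
 # JWT Config
 JWT_SECRET_KEY = '12345678a@@@'
-JWT_BLACKLIST_ENABLED = True
+JWT_BLACKLIST_ENABLED = False
 JWT_BLACKLIST_TOKEN_CHECKS = ['access', 'refresh']
 
 # mysql config
@@ -45,7 +45,7 @@ class StgConfig(Config):
 
 # JWT Config
 JWT_SECRET_KEY = '1234567a@'
-JWT_BLACKLIST_ENABLED = True
+JWT_BLACKLIST_ENABLED = False
 JWT_BLACKLIST_TOKEN_CHECKS = ['access', 'refresh']
 
 # mysql config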
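Review bot: Setting `JWT_BLACKLIST_ENABLED = False` in both `ProdConfig` and `StgConfig` turns off revocation checks, so a token that has been revoked stays acceptable until it expires, and the `/tokens/validate` endpoint added in this commit will report it as valid. If the blocklist lookup itself was failing, fix the lookup rather than disabling the check in production, or at least record the reason in a comment next to the flag. The context lines also show `JWT_SECRET_KEY` as a short literal committed to the repository, which means anyone with read access to the source holds the signing key. Load it from the environment or a secret store instead, e.g. `JWT_SECRET_KEY = os.environ['JWT_SECRET_KEY']` (assuming `os` is imported in settings.py), and rotate the committed values. Both class bodies continue outside the hunks.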
