from flask import jsonify, make_response
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate
from sqlalchemy.ext.declarative import declarative_base
from flask_jwt_extended import JWTManager
from flask_marshmallow import Marshmallow
from flask_socketio import SocketIO
"""
Extensions for the app context.
"""
# Extension objects are created here without an application argument;
# presumably they are bound to the Flask app elsewhere (not shown in this file).
db = SQLAlchemy()
migrate = Migrate()
Base = declarative_base()
jwt = JWTManager()
ma = Marshmallow()
# cors_allowed_origins="*" makes the Socket.IO server accept connections from
# pages served by any web origin.
# NOTE(review): if socket handlers rely on cookies or expose per-user data,
# restrict this to the known front-end origin(s) — confirm how the socket
# events are authenticated before keeping the wildcard.
socketio = SocketIO(cors_allowed_origins="*")
from api.models.RevokedToken import RevokedToken
# Revocation check for incoming JWTs. flask-jwt-extended calls this loader
# automatically when blacklist checking is enabled.
@jwt.token_in_blacklist_loader
def token_is_blacklist(decypted_token):
    """Report whether the decoded token's ``jti`` is recorded as revoked.

    The lookup is delegated to ``RevokedToken.is_jti_blacklisted``; its result
    is returned unchanged. Expired tokens are reported separately through the
    expired-token loader. A token payload without a ``jti`` claim raises
    ``KeyError`` here.
    """
    return RevokedToken.is_jti_blacklisted(decypted_token["jti"])
# The following methods are used for customizing jwt response/error messages.
@jwt.expired_token_loader
def expired_token_callback():
    """Return the JSON reply and 401 status sent for an expired token."""
    payload = jsonify({"message": "The token has expired.",
                       "error": "token_expired"})
    return make_response(payload), 401
@jwt.invalid_token_loader
def invalid_token_callback(error):
    """Return the JSON reply and 401 status sent for a token rejected as invalid.

    ``error`` is passed in by flask-jwt-extended, so it has to stay in the
    signature even though it is not used: the client always receives the
    same fixed message.
    """
    # NOTE(review): `error` is dropped; consider logging it server-side so
    # rejected tokens are visible to monitoring without echoing it to clients.
    body = dict(
        message="Signature verification failed.",
        error="invalid_token",
    )
    return make_response(jsonify(body)), 401
@jwt.unauthorized_loader
def missing_token_callback(error):
    """Return the JSON reply and 401 status sent when no access token is present.

    ``error`` is supplied by flask-jwt-extended and is not used; the reply
    is a fixed message.
    """
    status = 401
    reply = make_response(jsonify({
        "message": "Request does not contain an access token.",
        "error": "authorization_required",
    }))
    return reply, status
@jwt.needs_fresh_token_loader
def token_not_fresh_callback():
    """Return the JSON reply and 401 status sent when a fresh token is required."""
    body = dict(
        message="The token is not fresh.",
        error="fresh_token_required",
    )
    return make_response(jsonify(body)), 401
@jwt.revoked_token_loader
def revoked_token_callback():
    """Return the JSON reply and 401 status sent for a revoked token."""
    payload = jsonify({"message": "The token has been revoked.",
                       "error": "token_revoked"})
    return make_response(payload), 401