FitTrackee/fittrackee/users/utils/token.py

from datetime import datetime, timedelta
from typing import Optional

import jwt
from flask import current_app

from fittrackee.utils import clean


def get_user_token(
    user_id: int, password_reset: Optional[bool] = False
) -> str:
    """
    Return authentication token for a given user.
    Token expiration time depends on token type (authentication or password
    reset)
    """
    expiration_days: float = (
        0.0 if password_reset else current_app.config['TOKEN_EXPIRATION_DAYS']
    )
    expiration_seconds: float = (
        current_app.config['PASSWORD_TOKEN_EXPIRATION_SECONDS']
        if password_reset
        else current_app.config['TOKEN_EXPIRATION_SECONDS']
    )
    now = datetime.utcnow()
    payload = {
        'exp': now
        + timedelta(days=expiration_days, seconds=expiration_seconds),
        'iat': now,
        'sub': user_id,
    }
    return jwt.encode(
        payload,
        current_app.config['SECRET_KEY'],
        algorithm='HS256',
    )


def decode_user_token(auth_token: str) -> int:
    """
    Return user id from token
    """
    payload = jwt.decode(
        auth_token,
        current_app.config['SECRET_KEY'],
        algorithms=['HS256'],
    )
    return payload['sub']


def clean_blacklisted_tokens(days: int) -> int:
    """
    Delete blacklisted tokens expired for more than provided number of days
    """
    sql = """
        DELETE FROM blacklisted_tokens
        WHERE blacklisted_tokens.expired_at < :limit;
    """
    return clean(sql, days)
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`from datetime import datetime, timedelta`
API - add typing 2021-01-02 19:28:03 +01:00			`from typing import Optional`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00
			`import jwt`
			`from flask import current_app`

CLI - add command to clean blacklisted tokens 2022-09-15 13:14:55 +02:00			`from fittrackee.utils import clean`

API - add password reset request route - #50 2020-05-10 17:08:18 +02:00
API - add typing 2021-01-02 19:28:03 +01:00			`def get_user_token(`
			`user_id: int, password_reset: Optional[bool] = False`
			`) -> str:`
			`"""`
			`Return authentication token for a given user.`
			`Token expiration time depends on token type (authentication or password`
			`reset)`
			`"""`
			`expiration_days: float = (`
			`0.0 if password_reset else current_app.config['TOKEN_EXPIRATION_DAYS']`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`)`
API - add typing 2021-01-02 19:28:03 +01:00			`expiration_seconds: float = (`
			`current_app.config['PASSWORD_TOKEN_EXPIRATION_SECONDS']`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`if password_reset`
API - add typing 2021-01-02 19:28:03 +01:00			`else current_app.config['TOKEN_EXPIRATION_SECONDS']`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`)`
API - add tests on JWT generation 2022-08-03 20:38:26 +02:00			`now = datetime.utcnow()`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`payload = {`
API - add tests on JWT generation 2022-08-03 20:38:26 +02:00			`'exp': now`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`+ timedelta(days=expiration_days, seconds=expiration_seconds),`
API - add tests on JWT generation 2022-08-03 20:38:26 +02:00			`'iat': now,`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`'sub': user_id,`
			`}`
			`return jwt.encode(`
API - update python dependencies 2020-09-16 11:09:32 +02:00			`payload,`
API - add typing 2021-01-02 19:28:03 +01:00			`current_app.config['SECRET_KEY'],`
API - update python dependencies 2020-09-16 11:09:32 +02:00			`algorithm='HS256',`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`)`


API - add typing 2021-01-02 19:28:03 +01:00			`def decode_user_token(auth_token: str) -> int:`
			`"""`
			`Return user id from token`
			`"""`
API - update pyjwt to 2.0.0 jwt.encode() returns now tokens as string instead of a byte string 2020-12-25 19:35:15 +01:00			`payload = jwt.decode(`
			`auth_token,`
API - add typing 2021-01-02 19:28:03 +01:00			`current_app.config['SECRET_KEY'],`
API - update pyjwt to 2.0.0 jwt.encode() returns now tokens as string instead of a byte string 2020-12-25 19:35:15 +01:00			`algorithms=['HS256'],`
			`)`
API - add password reset request route - #50 2020-05-10 17:08:18 +02:00			`return payload['sub']`
CLI - add command to clean blacklisted tokens 2022-09-15 13:14:55 +02:00

			`def clean_blacklisted_tokens(days: int) -> int:`
			`"""`
			`Delete blacklisted tokens expired for more than provided number of days`
			`"""`
			`sql = """`
			`DELETE FROM blacklisted_tokens`
API - update to latest version of Flask-SQLAlchemy (and to SQLAlchemy 2.x) 2023-10-02 18:57:53 +02:00			`WHERE blacklisted_tokens.expired_at < :limit;`
CLI - add command to clean blacklisted tokens 2022-09-15 13:14:55 +02:00			`"""`
			`return clean(sql, days)`