jwt, first try not working

This commit is contained in:
Wolfgang Hottgenroth 2021-01-24 20:41:08 +01:00
parent 88e08029ec
commit 73b94e8aa2
Signed by: wn
GPG Key ID: E49AF3B9EF6DD469
3 changed files with 105 additions and 20 deletions

View File

@ -20,7 +20,9 @@ RUN \
pip3 install connexion && \
pip3 install connexion[swagger-ui] && \
pip3 install uwsgi && \
pip3 install flask-cors
pip3 install flask-cors && \
pip3 install python-jose[cryptography] && \
pip3 install six
RUN \
mkdir -p ${APP_DIR} && \

44
auth.py Normal file
View File

@ -0,0 +1,44 @@
import time
import connexion
import six
from werkzeug.exceptions import Unauthorized
from jose import JWTError, jwt
JWT_ISSUER = 'de.hottis.hausverwaltung'
JWT_SECRET = 'streng_geheim'
JWT_LIFETIME_SECONDS = 600
JWT_ALGORITHM = 'HS256'
def generate_token(user_id):
timestamp = _current_timestamp()
payload = {
"iss": JWT_ISSUER,
"iat": int(timestamp),
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
"sub": str(user_id),
}
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
def decode_token(token):
try:
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
except JWTError as e:
six.raise_from(Unauthorized, e)
def get_secret(user, token_info) -> str:
return '''
You are user_id {user} and the secret is 'wbevuec'.
Decoded token claims: {token_info}.
'''.format(user=user, token_info=token_info)
def _current_timestamp() -> int:
return int(time.time())

View File

@ -1,7 +1,7 @@
swagger: '2.0'
openapi: 3.0.0
info:
title: Hausverwaltung
version: "0.1"
title: Hausverwaltung-JWT
version: "0.2"
paths:
/hv/objekte:
@ -15,7 +15,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/Objekt'
$ref: '#/components/Objekt'
404:
description: No Objekte available
500:
@ -34,7 +34,7 @@ paths:
200:
description: Successful response.
schema:
$ref: '#/definitions/Objekt'
$ref: '#/components/Objekt'
404:
description: Objekt not found
500:
@ -50,7 +50,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/Wohnung'
$ref: '#/components/Wohnung'
404:
description: No Wohnung available
500:
@ -71,7 +71,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/Wohnung'
$ref: '#/components/Wohnung'
404:
description: No Wohnung available
500:
@ -90,7 +90,7 @@ paths:
200:
description: Successful response.
schema:
$ref: '#/definitions/Wohnung'
$ref: '#/components/Wohnung'
404:
description: Wohnung not found
500:
@ -106,7 +106,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/Mieter'
$ref: '#/components/Mieter'
404:
description: No Mieter available
500:
@ -125,7 +125,7 @@ paths:
200:
description: Successful response.
schema:
$ref: '#/definitions/Mieter'
$ref: '#/components/Mieter'
404:
description: Mieter not found
500:
@ -144,7 +144,7 @@ paths:
200:
description: Successful response.
schema:
$ref: '#/definitions/Forderung'
$ref: '#/components/Forderung'
404:
description: Forderung not found
500:
@ -165,7 +165,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/Forderung'
$ref: '#/components/Forderung'
404:
description: No Forderung available
500:
@ -184,7 +184,7 @@ paths:
200:
description: Successful response.
schema:
$ref: '#/definitions/Zahlung'
$ref: '#/components/Zahlung'
404:
description: Zahlung not found
500:
@ -205,7 +205,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/Zahlung'
$ref: '#/components/Zahlung'
404:
description: No Zahlung available
500:
@ -230,7 +230,7 @@ paths:
schema:
type: array
items:
$ref: '#/definitions/ZahlungForderung'
$ref: '#/components/ZahlungForderung'
404:
description: No ZahlungForderung available
500:
@ -253,7 +253,7 @@ paths:
200:
description: Successful response
schema:
$ref: '#/definitions/Saldo'
$ref: '#/components/Saldo'
404:
description: Neither Forderungen nor Zahlungen available
500:
@ -267,15 +267,48 @@ paths:
- name: zahlung
in: body
schema:
$ref: '#/definitions/Zahlung'
$ref: '#/components/Zahlung'
responses:
202:
description: Zahlung successfully inserted
500:
description: Some server or database error
/auth/{user_id}:
get:
tags: [ "jwt" ]
summary: Return JWT token
operationId: auth.generate_token
parameters:
- name: user_id
description: User unique identifier
in: path
required: true
example: 12
schema:
type: integer
responses:
'200':
description: JWT token
content:
'text/plain':
schema:
type: string
/secret:
get:
tags: [ "jwt" ]
summary: Return secret string
operationId: auth.get_secret
responses:
'200':
description: secret response
content:
'text/plain':
schema:
type: string
security:
- jwt: ['secret']
definitions:
components:
Objekt:
description: Objekt type
type: object
@ -394,3 +427,9 @@ definitions:
type: number
saldo:
type: number
securitySchemes:
jwt:
type: http
scheme: bearer
bearerFormat: JWT
x-bearerInfoFunc: auth.decode_token