jwt, first try not working
This commit is contained in:
parent
88e08029ec
commit
73b94e8aa2
@ -20,7 +20,9 @@ RUN \
|
||||
pip3 install connexion && \
|
||||
pip3 install connexion[swagger-ui] && \
|
||||
pip3 install uwsgi && \
|
||||
pip3 install flask-cors
|
||||
pip3 install flask-cors && \
|
||||
pip3 install python-jose[cryptography] && \
|
||||
pip3 install six
|
||||
|
||||
RUN \
|
||||
mkdir -p ${APP_DIR} && \
|
||||
|
44
auth.py
Normal file
44
auth.py
Normal file
@ -0,0 +1,44 @@
|
||||
|
||||
import time
|
||||
|
||||
import connexion
|
||||
import six
|
||||
from werkzeug.exceptions import Unauthorized
|
||||
|
||||
from jose import JWTError, jwt
|
||||
|
||||
JWT_ISSUER = 'de.hottis.hausverwaltung'
|
||||
JWT_SECRET = 'streng_geheim'
|
||||
JWT_LIFETIME_SECONDS = 600
|
||||
JWT_ALGORITHM = 'HS256'
|
||||
|
||||
|
||||
def generate_token(user_id):
|
||||
timestamp = _current_timestamp()
|
||||
payload = {
|
||||
"iss": JWT_ISSUER,
|
||||
"iat": int(timestamp),
|
||||
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
|
||||
"sub": str(user_id),
|
||||
}
|
||||
|
||||
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
|
||||
|
||||
|
||||
def decode_token(token):
|
||||
try:
|
||||
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
|
||||
except JWTError as e:
|
||||
six.raise_from(Unauthorized, e)
|
||||
|
||||
|
||||
def get_secret(user, token_info) -> str:
|
||||
return '''
|
||||
You are user_id {user} and the secret is 'wbevuec'.
|
||||
Decoded token claims: {token_info}.
|
||||
'''.format(user=user, token_info=token_info)
|
||||
|
||||
|
||||
def _current_timestamp() -> int:
|
||||
return int(time.time())
|
||||
|
77
swagger.yaml
77
swagger.yaml
@ -1,7 +1,7 @@
|
||||
swagger: '2.0'
|
||||
openapi: 3.0.0
|
||||
info:
|
||||
title: Hausverwaltung
|
||||
version: "0.1"
|
||||
title: Hausverwaltung-JWT
|
||||
version: "0.2"
|
||||
|
||||
paths:
|
||||
/hv/objekte:
|
||||
@ -15,7 +15,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/Objekt'
|
||||
$ref: '#/components/Objekt'
|
||||
404:
|
||||
description: No Objekte available
|
||||
500:
|
||||
@ -34,7 +34,7 @@ paths:
|
||||
200:
|
||||
description: Successful response.
|
||||
schema:
|
||||
$ref: '#/definitions/Objekt'
|
||||
$ref: '#/components/Objekt'
|
||||
404:
|
||||
description: Objekt not found
|
||||
500:
|
||||
@ -50,7 +50,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/Wohnung'
|
||||
$ref: '#/components/Wohnung'
|
||||
404:
|
||||
description: No Wohnung available
|
||||
500:
|
||||
@ -71,7 +71,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/Wohnung'
|
||||
$ref: '#/components/Wohnung'
|
||||
404:
|
||||
description: No Wohnung available
|
||||
500:
|
||||
@ -90,7 +90,7 @@ paths:
|
||||
200:
|
||||
description: Successful response.
|
||||
schema:
|
||||
$ref: '#/definitions/Wohnung'
|
||||
$ref: '#/components/Wohnung'
|
||||
404:
|
||||
description: Wohnung not found
|
||||
500:
|
||||
@ -106,7 +106,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/Mieter'
|
||||
$ref: '#/components/Mieter'
|
||||
404:
|
||||
description: No Mieter available
|
||||
500:
|
||||
@ -125,7 +125,7 @@ paths:
|
||||
200:
|
||||
description: Successful response.
|
||||
schema:
|
||||
$ref: '#/definitions/Mieter'
|
||||
$ref: '#/components/Mieter'
|
||||
404:
|
||||
description: Mieter not found
|
||||
500:
|
||||
@ -144,7 +144,7 @@ paths:
|
||||
200:
|
||||
description: Successful response.
|
||||
schema:
|
||||
$ref: '#/definitions/Forderung'
|
||||
$ref: '#/components/Forderung'
|
||||
404:
|
||||
description: Forderung not found
|
||||
500:
|
||||
@ -165,7 +165,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/Forderung'
|
||||
$ref: '#/components/Forderung'
|
||||
404:
|
||||
description: No Forderung available
|
||||
500:
|
||||
@ -184,7 +184,7 @@ paths:
|
||||
200:
|
||||
description: Successful response.
|
||||
schema:
|
||||
$ref: '#/definitions/Zahlung'
|
||||
$ref: '#/components/Zahlung'
|
||||
404:
|
||||
description: Zahlung not found
|
||||
500:
|
||||
@ -205,7 +205,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/Zahlung'
|
||||
$ref: '#/components/Zahlung'
|
||||
404:
|
||||
description: No Zahlung available
|
||||
500:
|
||||
@ -230,7 +230,7 @@ paths:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/ZahlungForderung'
|
||||
$ref: '#/components/ZahlungForderung'
|
||||
404:
|
||||
description: No ZahlungForderung available
|
||||
500:
|
||||
@ -253,7 +253,7 @@ paths:
|
||||
200:
|
||||
description: Successful response
|
||||
schema:
|
||||
$ref: '#/definitions/Saldo'
|
||||
$ref: '#/components/Saldo'
|
||||
404:
|
||||
description: Neither Forderungen nor Zahlungen available
|
||||
500:
|
||||
@ -267,15 +267,48 @@ paths:
|
||||
- name: zahlung
|
||||
in: body
|
||||
schema:
|
||||
$ref: '#/definitions/Zahlung'
|
||||
$ref: '#/components/Zahlung'
|
||||
responses:
|
||||
202:
|
||||
description: Zahlung successfully inserted
|
||||
500:
|
||||
description: Some server or database error
|
||||
/auth/{user_id}:
|
||||
get:
|
||||
tags: [ "jwt" ]
|
||||
summary: Return JWT token
|
||||
operationId: auth.generate_token
|
||||
parameters:
|
||||
- name: user_id
|
||||
description: User unique identifier
|
||||
in: path
|
||||
required: true
|
||||
example: 12
|
||||
schema:
|
||||
type: integer
|
||||
responses:
|
||||
'200':
|
||||
description: JWT token
|
||||
content:
|
||||
'text/plain':
|
||||
schema:
|
||||
type: string
|
||||
/secret:
|
||||
get:
|
||||
tags: [ "jwt" ]
|
||||
summary: Return secret string
|
||||
operationId: auth.get_secret
|
||||
responses:
|
||||
'200':
|
||||
description: secret response
|
||||
content:
|
||||
'text/plain':
|
||||
schema:
|
||||
type: string
|
||||
security:
|
||||
- jwt: ['secret']
|
||||
|
||||
|
||||
definitions:
|
||||
components:
|
||||
Objekt:
|
||||
description: Objekt type
|
||||
type: object
|
||||
@ -394,3 +427,9 @@ definitions:
|
||||
type: number
|
||||
saldo:
|
||||
type: number
|
||||
securitySchemes:
|
||||
jwt:
|
||||
type: http
|
||||
scheme: bearer
|
||||
bearerFormat: JWT
|
||||
x-bearerInfoFunc: auth.decode_token
|
Loading…
x
Reference in New Issue
Block a user