From 73b94e8aa22b1cabe39e48a54e6e206c3b2b324d Mon Sep 17 00:00:00 2001 From: Wolfgang Hottgenroth Date: Sun, 24 Jan 2021 20:41:08 +0100 Subject: [PATCH] jwt, first try not working --- Dockerfile | 4 ++- auth.py | 44 ++++++++++++++++++++++++++++++ swagger.yaml | 77 +++++++++++++++++++++++++++++++++++++++------------- 3 files changed, 105 insertions(+), 20 deletions(-) create mode 100644 auth.py diff --git a/Dockerfile b/Dockerfile index f85c146..65bca0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,9 @@ RUN \ pip3 install connexion && \ pip3 install connexion[swagger-ui] && \ pip3 install uwsgi && \ - pip3 install flask-cors + pip3 install flask-cors && \ + pip3 install python-jose[cryptography] && \ + pip3 install six RUN \ mkdir -p ${APP_DIR} && \ diff --git a/auth.py b/auth.py new file mode 100644 index 0000000..62e0788 --- /dev/null +++ b/auth.py @@ -0,0 +1,44 @@ + +import time + +import connexion +import six +from werkzeug.exceptions import Unauthorized + +from jose import JWTError, jwt + +JWT_ISSUER = 'de.hottis.hausverwaltung' +JWT_SECRET = 'streng_geheim' +JWT_LIFETIME_SECONDS = 600 +JWT_ALGORITHM = 'HS256' + + +def generate_token(user_id): + timestamp = _current_timestamp() + payload = { + "iss": JWT_ISSUER, + "iat": int(timestamp), + "exp": int(timestamp + JWT_LIFETIME_SECONDS), + "sub": str(user_id), + } + + return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM) + + +def decode_token(token): + try: + return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM]) + except JWTError as e: + six.raise_from(Unauthorized, e) + + +def get_secret(user, token_info) -> str: + return ''' + You are user_id {user} and the secret is 'wbevuec'. + Decoded token claims: {token_info}. + '''.format(user=user, token_info=token_info) + + +def _current_timestamp() -> int: + return int(time.time()) + diff --git a/swagger.yaml b/swagger.yaml index d8727ed..5f3b6b2 100644 --- a/swagger.yaml +++ b/swagger.yaml 
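Review bot: The two added installs, `pip3 install python-jose[cryptography]` and `pip3 install six`, are unpinned, so each image build pulls whatever release is current for the library that now signs and verifies the API's tokens. Pin them, for example `pip3 install 'python-jose[cryptography]==<pinned-version>'`, or install from a requirements file with `--require-hashes`, so a rebuild is reproducible and a dependency change shows up in review. The neighbouring `pip3 install` lines in the visible context are unpinned too and would benefit from the same treatment. The `RUN` instruction begins above the hunk, so the base image and any earlier installs cannot be checked from here.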
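Review bot: `JWT_SECRET = 'streng_geheim'` in the new auth.py commits the HS256 signing key to the repository, so anyone who can read the source or the built image can sign tokens that `decode_token` will accept. Load the key from the runtime environment or a secret store and fail at start-up when it is absent, e.g. `JWT_SECRET = os.environ['JWT_SECRET']` together with `import os`, and rotate away from the committed value. `decode_token` also never checks the `iss` claim that `generate_token` sets; passing `issuer=JWT_ISSUER` to `jwt.decode` would close that gap. Both functions would benefit from a one-line docstring stating which claims are issued and which are enforced.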
@@ -1,7 +1,7 @@ -swagger: '2.0' +openapi: 3.0.0 info: - title: Hausverwaltung - version: "0.1" + title: Hausverwaltung-JWT + version: "0.2" paths: /hv/objekte: @@ -15,7 +15,7 @@ paths: schema: type: array items: - $ref: '#/definitions/Objekt' + $ref: '#/components/Objekt' 404: description: No Objekte available 500: @@ -34,7 +34,7 @@ paths: 200: description: Successful response. schema: - $ref: '#/definitions/Objekt' + $ref: '#/components/Objekt' 404: description: Objekt not found 500: @@ -50,7 +50,7 @@ paths: schema: type: array items: - $ref: '#/definitions/Wohnung' + $ref: '#/components/Wohnung' 404: description: No Wohnung available 500: @@ -71,7 +71,7 @@ paths: schema: type: array items: - $ref: '#/definitions/Wohnung' + $ref: '#/components/Wohnung' 404: description: No Wohnung available 500: @@ -90,7 +90,7 @@ paths: 200: description: Successful response. schema: - $ref: '#/definitions/Wohnung' + $ref: '#/components/Wohnung' 404: description: Wohnung not found 500: @@ -106,7 +106,7 @@ paths: schema: type: array items: - $ref: '#/definitions/Mieter' + $ref: '#/components/Mieter' 404: description: No Mieter available 500: @@ -125,7 +125,7 @@ paths: 200: description: Successful response. schema: - $ref: '#/definitions/Mieter' + $ref: '#/components/Mieter' 404: description: Mieter not found 500: @@ -144,7 +144,7 @@ paths: 200: description: Successful response. schema: - $ref: '#/definitions/Forderung' + $ref: '#/components/Forderung' 404: description: Forderung not found 500: @@ -165,7 +165,7 @@ paths: schema: type: array items: - $ref: '#/definitions/Forderung' + $ref: '#/components/Forderung' 404: description: No Forderung available 500: @@ -184,7 +184,7 @@ paths: 200: description: Successful response. schema: - $ref: '#/definitions/Zahlung' + $ref: '#/components/Zahlung' 404: description: Zahlung not found 500: 
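Review bot: The rewritten references do not resolve under OpenAPI 3; this starts at `$ref: '#/components/Objekt'` in the -15,7 hunk and repeats in every later `$ref` hunk of this file. Reusable schemas must sit under `components` → `schemas`, so the reference should read `$ref: '#/components/schemas/Objekt'` and the models need a `schemas:` level beneath `components:`. The responses around these lines still use the 2.0 layout with `schema:` directly under the status code, where 3.0 expects `content:` → a media type such as `application/json:` → `schema:`. The `in: body` parameter visible in the -267,15 hunk likewise has to become a `requestBody`. This may be what the commit subject means by "not working", though no validator output is on the page, and indentation is lost in this rendering, so nesting is inferred from key order.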
@@ -205,7 +205,7 @@ paths: schema: type: array items: - $ref: '#/definitions/Zahlung' + $ref: '#/components/Zahlung' 404: description: No Zahlung available 500: @@ -230,7 +230,7 @@ paths: schema: type: array items: - $ref: '#/definitions/ZahlungForderung' + $ref: '#/components/ZahlungForderung' 404: description: No ZahlungForderung available 500: @@ -253,7 +253,7 @@ paths: 200: description: Successful response schema: - $ref: '#/definitions/Saldo' + $ref: '#/components/Saldo' 404: description: Neither Forderungen nor Zahlungen available 500: @@ -267,15 +267,48 @@ paths: - name: zahlung in: body schema: - $ref: '#/definitions/Zahlung' + $ref: '#/components/Zahlung' responses: 202: description: Zahlung successfully inserted 500: description: Some server or database error + /auth/{user_id}: + get: + tags: [ "jwt" ] + summary: Return JWT token + operationId: auth.generate_token + parameters: + - name: user_id + description: User unique identifier + in: path + required: true + example: 12 + schema: + type: integer + responses: + '200': + description: JWT token + content: + 'text/plain': + schema: + type: string + /secret: + get: + tags: [ "jwt" ] + summary: Return secret string + operationId: auth.get_secret + responses: + '200': + description: secret response + content: + 'text/plain': + schema: + type: string + security: + - jwt: ['secret'] - -definitions: +components: Objekt: description: Objekt type type: object @@ -394,3 +427,9 @@ definitions: type: number saldo: type: number + securitySchemes: + jwt: + type: http + scheme: bearer + bearerFormat: JWT + x-bearerInfoFunc: auth.decode_token \ No newline at end of file
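Review bot: The new `/auth/{user_id}` operation in the -267,15 hunk returns a signed token for whatever `user_id` appears in the path, with no `security` requirement or credential check, so a valid token proves nothing about the caller. Token issuance should sit behind a real login step: verify a password or an upstream identity first, then call `auth.generate_token` with the verified subject, preferably on a `POST`. Of the paths visible in this diff only `/secret` gains `security: - jwt: ['secret']`. If the `/hv/...` operations are meant to be protected, each needs its own `security` entry or the document needs a top-level `security:` default.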