seems to work

Wolfgang Hottgenroth 2021-01-24 23:53:28 +01:00
parent 4f4b959e9e
commit e362b1484f
Signed by: wn
GPG Key ID: E49AF3B9EF6DD469
4 changed files with 105 additions and 16 deletions


@ -5,3 +5,7 @@ export DB_USER="hausverwaltung-ui"
export DB_PASS="test123" export DB_PASS="test123"
export DB_NAME="hausverwaltung" export DB_NAME="hausverwaltung"
export JWT_ISSUER='de.hottis.hausverwaltung'
export JWT_SECRET='streng_geheim'
export JWT_LIFETIME_SECONDS=60
export JWT_ALGORITHM='HS256'
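Review bot: `export JWT_SECRET='streng_geheim'` commits the HS256 signing key to the repository as a short, guessable phrase, so anyone who can read the repo or its history holds the key that `auth.py` uses both to sign and to verify tokens. Keep the real value out of version control and let this file only require it, e.g. `: "${JWT_SECRET:?JWT_SECRET must be set}"`, with the deployed value generated randomly (32 bytes or more for HS256). If this file is meant purely as a local test fixture, a comment saying so next to the `DB_PASS` and `JWT_SECRET` lines would keep it from being copied into a deployment.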

41
auth.py Executable file

@ -0,0 +1,41 @@
import time
import connexion
import six
from werkzeug.exceptions import Unauthorized
from jose import JWTError, jwt
import os
JWT_ISSUER = os.environ['JWT_ISSUER']
JWT_SECRET = os.environ['JWT_SECRET']
JWT_LIFETIME_SECONDS = int(os.environ['JWT_LIFETIME_SECONDS'])
JWT_ALGORITHM = os.environ['JWT_ALGORITHM']
def generate_token(user_id):
timestamp = _current_timestamp()
payload = {
"iss": JWT_ISSUER,
"iat": int(timestamp),
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
"sub": str(user_id),
}
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
def decode_token(token):
try:
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
except JWTError as e:
six.raise_from(Unauthorized, e)
def get_secret(user, token_info) -> str:
return '''
You are user_id {user} and the secret is 'wbevuec'.
Decoded token claims: {token_info}.
'''.format(user=user, token_info=token_info)
def _current_timestamp() -> int:
return int(time.time())
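Review bot: `generate_token` signs a token for whatever `user_id` it receives without checking any credential, and the spec hunk in this commit maps `GET /auth/{user_id}` to it with no `security` entry, so the `jwt` protection on the other paths authenticates nobody until issuance itself requires proof of identity (for example a password check against the user store before `jwt.encode` is reached). `decode_token` also leaves the `iss` claim unchecked although `generate_token` sets it; python-jose accepts it directly: `return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM], issuer=JWT_ISSUER)`. Since `JWT_ALGORITHM` is read from the environment, a short comment at the constants stating that only HMAC algorithms fit a shared `JWT_SECRET` would help, as would docstrings on the three public functions.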


@ -126,6 +126,9 @@ paths:
description: No Mieter available description: No Mieter available
500: 500:
description: Some server error description: Some server error
security:
- jwt: ['secret']
/hv/mieter/{id}: /hv/mieter/{id}:
get: get:
tags: [ "Mieter" ] tags: [ "Mieter" ]
@ -296,24 +299,65 @@ paths:
description: Neither Forderungen nor Zahlungen available description: Neither Forderungen nor Zahlungen available
500: 500:
description: Some server error description: Some server error
# /hv/zahlung: /hv/zahlung:
# post: post:
# tags: [ "Zahlung" ] tags: [ "Zahlung" ]
# operationId: ZahlungenForderungen.put_zahlung operationId: ZahlungenForderungen.put_zahlung
# summary: Inserts a new Zahlung summary: Inserts a new Zahlung
# parameters: parameters:
# - name: zahlung - name: zahlung
# in: body in: body
# schema: schema:
# $ref: '#/components/schemas/Zahlung' $ref: '#/components/schemas/Zahlung'
# responses: responses:
# 202: 202:
# description: Zahlung successfully inserted description: Zahlung successfully inserted
# 500: 500:
# description: Some server or database error description: Some server or database error
/auth/{user_id}:
get:
tags: [ "JWT" ]
summary: Return JWT token
operationId: auth.generate_token
parameters:
- name: user_id
description: User unique identifier
in: path
required: true
example: 12
schema:
type: integer
responses:
'200':
description: JWT token
content:
'text/plain':
schema:
type: string
/secret:
get:
tags: [ "JWT" ]
summary: Return secret string
operationId: auth.get_secret
responses:
'200':
description: secret response
content:
'text/plain':
schema:
type: string
security:
- jwt: ['secret']
components: components:
securitySchemes:
jwt:
type: http
scheme: bearer
bearerFormat: JWT
x-bearerInfoFunc: auth.decode_token
schemas: schemas:
Objekt: Objekt:
description: Objekt type description: Objekt type
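Review bot: The re-enabled `POST /hv/zahlung` operation carries no `security` entry, so the one write path in this spec stays unauthenticated while only the operation just above `/hv/mieter/{id}` and `/secret` are put behind the `jwt` scheme; add `security:` with `- jwt: []` under `post:`, or declare a top-level `security` default and opt `/auth/{user_id}` out explicitly. The operation also keeps the Swagger 2 form `in: body` under `parameters`, which OpenAPI 3 (implied here by `components/securitySchemes`) replaces with `requestBody`, so the `Zahlung` schema may not be applied to the request; this is worth confirming against the connexion version in use. The `['secret']` scope on an `http` bearer scheme is, as far as I can tell, not enforced unless `auth.decode_token` checks it itself, so `[]` would describe the actual behaviour.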


@ -3,7 +3,7 @@ from flask_cors import CORS
# instantiate the webservice # instantiate the webservice
app = connexion.App(__name__) app = connexion.App(__name__)
app.add_api('swagger.yaml') app.add_api('openapi.yaml')
# CORSify it - otherwise Angular won't accept it # CORSify it - otherwise Angular won't accept it
CORS(app.app) CORS(app.app)