hv/hv-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: hv:master
Branches Tags
hv:master hv:jwt-experiments-2 hv:openapi3 hv:jwt-experiments
hv:1.1.1 hv:1.1.0 hv:1.0.1 hv:1.0.0
...
pull from: hv:jwt-experiments
Branches Tags
hv:master hv:jwt-experiments-2 hv:openapi3 hv:jwt-experiments
hv:1.1.1 hv:1.1.0 hv:1.0.1 hv:1.0.0

1 Commits
master ... jwt-experi

Author SHA1 Message Date
Wolfgang Hottgenroth
73b94e8aa2 jwt, first try not working 2021-01-24 20:41:08 +01:00
3 changed files with 105 additions and 20 deletions
Expand all files Collapse all files

4
Dockerfile
View File

@ -20,7 +20,9 @@ RUN \
pip3 install connexion && \ pip3 install connexion && \
pip3 install connexion[swagger-ui] && \ pip3 install connexion[swagger-ui] && \
pip3 install uwsgi && \ pip3 install uwsgi && \
pip3 install flask-cors pip3 install flask-cors && \
pip3 install python-jose[cryptography] && \
pip3 install six
RUN \ RUN \
mkdir -p ${APP_DIR} && \ mkdir -p ${APP_DIR} && \

44
auth.py Normal file
View File

@ -0,0 +1,44 @@
import time
import connexion
import six
from werkzeug.exceptions import Unauthorized
from jose import JWTError, jwt
JWT_ISSUER = 'de.hottis.hausverwaltung'
JWT_SECRET = 'streng_geheim'
JWT_LIFETIME_SECONDS = 600
JWT_ALGORITHM = 'HS256'
def generate_token(user_id):
timestamp = _current_timestamp()
payload = {
"iss": JWT_ISSUER,
"iat": int(timestamp),
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
"sub": str(user_id),
}
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
def decode_token(token):
try:
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
except JWTError as e:
six.raise_from(Unauthorized, e)
def get_secret(user, token_info) -> str:
return '''
You are user_id {user} and the secret is 'wbevuec'.
Decoded token claims: {token_info}.
'''.format(user=user, token_info=token_info)
def _current_timestamp() -> int:
return int(time.time())

77
swagger.yaml
View File

@ -1,7 +1,7 @@
swagger: '2.0' openapi: 3.0.0
info: info:
title: Hausverwaltung title: Hausverwaltung-JWT
version: "0.1" version: "0.2"
paths: paths:
/hv/objekte: /hv/objekte:
@ -15,7 +15,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/Objekt' $ref: '#/components/Objekt'
404: 404:
description: No Objekte available description: No Objekte available
500: 500:
@ -34,7 +34,7 @@ paths:
200: 200:
description: Successful response. description: Successful response.
schema: schema:
$ref: '#/definitions/Objekt' $ref: '#/components/Objekt'
404: 404:
description: Objekt not found description: Objekt not found
500: 500:
@ -50,7 +50,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/Wohnung' $ref: '#/components/Wohnung'
404: 404:
description: No Wohnung available description: No Wohnung available
500: 500:
@ -71,7 +71,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/Wohnung' $ref: '#/components/Wohnung'
404: 404:
description: No Wohnung available description: No Wohnung available
500: 500:
@ -90,7 +90,7 @@ paths:
200: 200:
description: Successful response. description: Successful response.
schema: schema:
$ref: '#/definitions/Wohnung' $ref: '#/components/Wohnung'
404: 404:
description: Wohnung not found description: Wohnung not found
500: 500:
@ -106,7 +106,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/Mieter' $ref: '#/components/Mieter'
404: 404:
description: No Mieter available description: No Mieter available
500: 500:
@ -125,7 +125,7 @@ paths:
200: 200:
description: Successful response. description: Successful response.
schema: schema:
$ref: '#/definitions/Mieter' $ref: '#/components/Mieter'
404: 404:
description: Mieter not found description: Mieter not found
500: 500:
@ -144,7 +144,7 @@ paths:
200: 200:
description: Successful response. description: Successful response.
schema: schema:
$ref: '#/definitions/Forderung' $ref: '#/components/Forderung'
404: 404:
description: Forderung not found description: Forderung not found
500: 500:
@ -165,7 +165,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/Forderung' $ref: '#/components/Forderung'
404: 404:
description: No Forderung available description: No Forderung available
500: 500:
@ -184,7 +184,7 @@ paths:
200: 200:
description: Successful response. description: Successful response.
schema: schema:
$ref: '#/definitions/Zahlung' $ref: '#/components/Zahlung'
404: 404:
description: Zahlung not found description: Zahlung not found
500: 500:
@ -205,7 +205,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/Zahlung' $ref: '#/components/Zahlung'
404: 404:
description: No Zahlung available description: No Zahlung available
500: 500:
@ -230,7 +230,7 @@ paths:
schema: schema:
type: array type: array
items: items:
$ref: '#/definitions/ZahlungForderung' $ref: '#/components/ZahlungForderung'
404: 404:
description: No ZahlungForderung available description: No ZahlungForderung available
500: 500:
@ -253,7 +253,7 @@ paths:
200: 200:
description: Successful response description: Successful response
schema: schema:
$ref: '#/definitions/Saldo' $ref: '#/components/Saldo'
404: 404:
description: Neither Forderungen nor Zahlungen available description: Neither Forderungen nor Zahlungen available
500: 500:
@ -267,15 +267,48 @@ paths:
- name: zahlung - name: zahlung
in: body in: body
schema: schema:
$ref: '#/definitions/Zahlung' $ref: '#/components/Zahlung'
responses: responses:
202: 202:
description: Zahlung successfully inserted description: Zahlung successfully inserted
500: 500:
description: Some server or database error description: Some server or database error
/auth/{user_id}:
get:
tags: [ "jwt" ]
summary: Return JWT token
operationId: auth.generate_token
parameters:
- name: user_id
description: User unique identifier
in: path
required: true
example: 12
schema:
type: integer
responses:
'200':
description: JWT token
content:
'text/plain':
schema:
type: string
/secret:
get:
tags: [ "jwt" ]
summary: Return secret string
operationId: auth.get_secret
responses:
'200':
description: secret response
content:
'text/plain':
schema:
type: string
security:
- jwt: ['secret']
components:
definitions:
Objekt: Objekt:
description: Objekt type description: Objekt type
type: object type: object
@ -394,3 +427,9 @@ definitions:
type: number type: number
saldo: saldo:
type: number type: number
securitySchemes:
jwt:
type: http
scheme: bearer
bearerFormat: JWT
x-bearerInfoFunc: auth.decode_token