Compare commits
1 Commits
master
...
jwt-experi
Author | SHA1 | Date | |
---|---|---|---|
73b94e8aa2
|
@ -20,7 +20,9 @@ RUN \
|
|||||||
pip3 install connexion && \
|
pip3 install connexion && \
|
||||||
pip3 install connexion[swagger-ui] && \
|
pip3 install connexion[swagger-ui] && \
|
||||||
pip3 install uwsgi && \
|
pip3 install uwsgi && \
|
||||||
pip3 install flask-cors
|
pip3 install flask-cors && \
|
||||||
|
pip3 install python-jose[cryptography] && \
|
||||||
|
pip3 install six
|
||||||
|
|
||||||
RUN \
|
RUN \
|
||||||
mkdir -p ${APP_DIR} && \
|
mkdir -p ${APP_DIR} && \
|
||||||
|
44
auth.py
Normal file
44
auth.py
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
|
||||||
|
import time
|
||||||
|
|
||||||
|
import connexion
|
||||||
|
import six
|
||||||
|
from werkzeug.exceptions import Unauthorized
|
||||||
|
|
||||||
|
from jose import JWTError, jwt
|
||||||
|
|
||||||
|
JWT_ISSUER = 'de.hottis.hausverwaltung'
|
||||||
|
JWT_SECRET = 'streng_geheim'
|
||||||
|
JWT_LIFETIME_SECONDS = 600
|
||||||
|
JWT_ALGORITHM = 'HS256'
|
||||||
|
|
||||||
|
|
||||||
|
def generate_token(user_id):
|
||||||
|
timestamp = _current_timestamp()
|
||||||
|
payload = {
|
||||||
|
"iss": JWT_ISSUER,
|
||||||
|
"iat": int(timestamp),
|
||||||
|
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
|
||||||
|
"sub": str(user_id),
|
||||||
|
}
|
||||||
|
|
||||||
|
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
|
||||||
|
|
||||||
|
|
||||||
|
def decode_token(token):
|
||||||
|
try:
|
||||||
|
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
|
||||||
|
except JWTError as e:
|
||||||
|
six.raise_from(Unauthorized, e)
|
||||||
|
|
||||||
|
|
||||||
|
def get_secret(user, token_info) -> str:
|
||||||
|
return '''
|
||||||
|
You are user_id {user} and the secret is 'wbevuec'.
|
||||||
|
Decoded token claims: {token_info}.
|
||||||
|
'''.format(user=user, token_info=token_info)
|
||||||
|
|
||||||
|
|
||||||
|
def _current_timestamp() -> int:
|
||||||
|
return int(time.time())
|
||||||
|
|
77
swagger.yaml
77
swagger.yaml
@ -1,7 +1,7 @@
|
|||||||
swagger: '2.0'
|
openapi: 3.0.0
|
||||||
info:
|
info:
|
||||||
title: Hausverwaltung
|
title: Hausverwaltung-JWT
|
||||||
version: "0.1"
|
version: "0.2"
|
||||||
|
|
||||||
paths:
|
paths:
|
||||||
/hv/objekte:
|
/hv/objekte:
|
||||||
@ -15,7 +15,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/Objekt'
|
$ref: '#/components/Objekt'
|
||||||
404:
|
404:
|
||||||
description: No Objekte available
|
description: No Objekte available
|
||||||
500:
|
500:
|
||||||
@ -34,7 +34,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: Successful response.
|
description: Successful response.
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Objekt'
|
$ref: '#/components/Objekt'
|
||||||
404:
|
404:
|
||||||
description: Objekt not found
|
description: Objekt not found
|
||||||
500:
|
500:
|
||||||
@ -50,7 +50,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/Wohnung'
|
$ref: '#/components/Wohnung'
|
||||||
404:
|
404:
|
||||||
description: No Wohnung available
|
description: No Wohnung available
|
||||||
500:
|
500:
|
||||||
@ -71,7 +71,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/Wohnung'
|
$ref: '#/components/Wohnung'
|
||||||
404:
|
404:
|
||||||
description: No Wohnung available
|
description: No Wohnung available
|
||||||
500:
|
500:
|
||||||
@ -90,7 +90,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: Successful response.
|
description: Successful response.
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Wohnung'
|
$ref: '#/components/Wohnung'
|
||||||
404:
|
404:
|
||||||
description: Wohnung not found
|
description: Wohnung not found
|
||||||
500:
|
500:
|
||||||
@ -106,7 +106,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/Mieter'
|
$ref: '#/components/Mieter'
|
||||||
404:
|
404:
|
||||||
description: No Mieter available
|
description: No Mieter available
|
||||||
500:
|
500:
|
||||||
@ -125,7 +125,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: Successful response.
|
description: Successful response.
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Mieter'
|
$ref: '#/components/Mieter'
|
||||||
404:
|
404:
|
||||||
description: Mieter not found
|
description: Mieter not found
|
||||||
500:
|
500:
|
||||||
@ -144,7 +144,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: Successful response.
|
description: Successful response.
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Forderung'
|
$ref: '#/components/Forderung'
|
||||||
404:
|
404:
|
||||||
description: Forderung not found
|
description: Forderung not found
|
||||||
500:
|
500:
|
||||||
@ -165,7 +165,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/Forderung'
|
$ref: '#/components/Forderung'
|
||||||
404:
|
404:
|
||||||
description: No Forderung available
|
description: No Forderung available
|
||||||
500:
|
500:
|
||||||
@ -184,7 +184,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: Successful response.
|
description: Successful response.
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Zahlung'
|
$ref: '#/components/Zahlung'
|
||||||
404:
|
404:
|
||||||
description: Zahlung not found
|
description: Zahlung not found
|
||||||
500:
|
500:
|
||||||
@ -205,7 +205,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/Zahlung'
|
$ref: '#/components/Zahlung'
|
||||||
404:
|
404:
|
||||||
description: No Zahlung available
|
description: No Zahlung available
|
||||||
500:
|
500:
|
||||||
@ -230,7 +230,7 @@ paths:
|
|||||||
schema:
|
schema:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
$ref: '#/definitions/ZahlungForderung'
|
$ref: '#/components/ZahlungForderung'
|
||||||
404:
|
404:
|
||||||
description: No ZahlungForderung available
|
description: No ZahlungForderung available
|
||||||
500:
|
500:
|
||||||
@ -253,7 +253,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: Successful response
|
description: Successful response
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Saldo'
|
$ref: '#/components/Saldo'
|
||||||
404:
|
404:
|
||||||
description: Neither Forderungen nor Zahlungen available
|
description: Neither Forderungen nor Zahlungen available
|
||||||
500:
|
500:
|
||||||
@ -267,15 +267,48 @@ paths:
|
|||||||
- name: zahlung
|
- name: zahlung
|
||||||
in: body
|
in: body
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/definitions/Zahlung'
|
$ref: '#/components/Zahlung'
|
||||||
responses:
|
responses:
|
||||||
202:
|
202:
|
||||||
description: Zahlung successfully inserted
|
description: Zahlung successfully inserted
|
||||||
500:
|
500:
|
||||||
description: Some server or database error
|
description: Some server or database error
|
||||||
|
/auth/{user_id}:
|
||||||
|
get:
|
||||||
|
tags: [ "jwt" ]
|
||||||
|
summary: Return JWT token
|
||||||
|
operationId: auth.generate_token
|
||||||
|
parameters:
|
||||||
|
- name: user_id
|
||||||
|
description: User unique identifier
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
example: 12
|
||||||
|
schema:
|
||||||
|
type: integer
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: JWT token
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
/secret:
|
||||||
|
get:
|
||||||
|
tags: [ "jwt" ]
|
||||||
|
summary: Return secret string
|
||||||
|
operationId: auth.get_secret
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: secret response
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
security:
|
||||||
|
- jwt: ['secret']
|
||||||
|
|
||||||
|
components:
|
||||||
definitions:
|
|
||||||
Objekt:
|
Objekt:
|
||||||
description: Objekt type
|
description: Objekt type
|
||||||
type: object
|
type: object
|
||||||
@ -394,3 +427,9 @@ definitions:
|
|||||||
type: number
|
type: number
|
||||||
saldo:
|
saldo:
|
||||||
type: number
|
type: number
|
||||||
|
securitySchemes:
|
||||||
|
jwt:
|
||||||
|
type: http
|
||||||
|
scheme: bearer
|
||||||
|
bearerFormat: JWT
|
||||||
|
x-bearerInfoFunc: auth.decode_token
|
Reference in New Issue
Block a user