
Commit 14aad4e

committed
Clean up app.py some
1 parent 4cb2618 commit 14aad4e


1 file changed

+14
-10
lines changed


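--- a/flask_jwt_extended/app.py
+++ b/flask_jwt_extended/app.py
@@ -111,9 +111,19 @@ def fresh_login():
 if USERS[username]['password'] != password:
 return jsonify({"msg": "Bad username or password"}), 401
 
+# TODO change all these to simply return the data, you are in charge or
+# getting it to your frontend
 return create_fresh_access_token(identity=username)
 
 
+# Endpoint for generating a non-fresh access token from the refresh token
+@app.route('/auth/refresh', methods=['POST'])
+def refresh_token():
+# TODO make this either a url that is configured in the app.config, or a
+# decorator, or something. This feels super awkward to use atm
+return refresh_access_token()
+
+
 # Endpoint for listing tokens
 @app.route('/auth/tokens', methods=['GET'])
 def list_tokens():
@@ -125,7 +135,7 @@ def list_tokens():
 
 # Endpoint for revoking and unrevoking tokens
 @app.route('/auth/tokens/<string:jti>', methods=['PUT'])
-def revoke_jwt(jti):
+def change_jwt_revoke_state(jti):
 # TODO you should put some extra protection on this, so a user can only
 # modify their tokens
 revoke = request.json.get('revoke', None)
@@ -142,29 +152,23 @@ def revoke_jwt(jti):
 return jsonify({"msg": "Token successfully unrevoked"})
 
 
-# Endpoint for generating a non-fresh access token from the refresh token
-@app.route('/auth/refresh', methods=['POST'])
-def refresh_token():
-return refresh_access_token()
-
-
 @app.route('/protected', methods=['GET'])
 @jwt_required
 def non_fresh_protected():
 ip = jwt_claims['ip'] # Access data stored in custom claims on the JWT
 username = jwt_identity # Access identity through jwt_identity proxy
 
-msg = '{} says hello from {}'.format(username, ip)
+msg = '{} initially logged in at {}'.format(username, ip)
 return jsonify({'msg': msg})
 
 
 @app.route('/protected-fresh', methods=['GET'])
 @fresh_jwt_required
 def fresh_protected():
-ip = jwt_claims['ip'] # Access data stored in custom claims on the JWT
+user_type = jwt_claims['type'] # Access data stored in custom claims on the JWT
 username = jwt_identity # Access identity through jwt_identity proxy
 
-msg = '{} says hello from {} (fresh)'.format(username, ip)
+msg = '(fresh token required) {} is a[n] {}'.format(username, user_type)
 return jsonify({'msg': msg})
 
 if __name__ == '__main__':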
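Review bot: The renamed `change_jwt_revoke_state` in the second hunk is still registered with only `@app.route('/auth/tokens/<string:jti>', methods=['PUT'])` and no `@jwt_required` or `@fresh_jwt_required` between the route and the `def`, so as shown the revoke state of any token can be changed without presenting a token at all. The un-revoke direction is the more serious one, because it re-enables a token that was deliberately invalidated. Unless authentication is enforced somewhere outside this hunk, I would add `@fresh_jwt_required` under the route and reject the request when the stored token's identity differs from `jwt_identity`, which is the ownership check the existing TODO asks for. `list_tokens` in the first hunk likewise shows no decorator after its route; both function bodies continue outside the visible hunks, so confirm against the full file.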
