Commit ef9a1c08 authored by Patrick van der Leer's avatar Patrick van der Leer

Should fix login and CORS shit

parent 5ac0f1a0
Pipeline #279 passed with stage
in 5 minutes and 23 seconds
......@@ -21,22 +21,29 @@ def init(config_object=ProdConfig):
"""
app = Flask(__name__)
app.config.from_object(config_object)
app.config['intercept_exceptions'] = False
# app.config['intercept_exceptions'] = False
with app.app_context():
configure_extensions(app)
configure_scheduler(app)
configure_logging(app)
configure_blueprints(app)
CORS(
app,
origins='*',
origins=[
'http://localhost',
'http://localhost:5000',
'http://localhost:8081',
],
allow_headers=[
'Content-Type',
'Authorization',
'Access-Control-Allow-Credentials'
],
expose_headers=[
'Authorization',
],
supports_credentials=True
)
configure_blueprints(app)
configure_shellcontext(app)
return app
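Review bot: The origin allow-list in the `CORS(...)` call is hard-coded to three `http://localhost` entries alongside `supports_credentials=True`, inside `init`, whose default argument is `ProdConfig`. As written, a production instance either rejects its real front-end origin or, once that origin is added beside these, keeps accepting credentialed requests from whatever is served on a user's localhost ports. Read the list from configuration instead, e.g. `origins=app.config['CORS_ORIGINS'],`, and keep the localhost entries in the development config only. `Access-Control-Allow-Credentials` is a response header, so listing it under `allow_headers` allows nothing useful and can be dropped, and the commented-out `# app.config['intercept_exceptions'] = False` should be deleted rather than left behind. The body of `init` starts above this hunk.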
......
from functools import wraps
from flask import Blueprint, jsonify, request
from flask import Blueprint, jsonify, request, make_response
from flask_httpauth import HTTPBasicAuth
from flask_jwt_extended import jwt_refresh_token_required, get_jwt_identity, unset_jwt_cookies, set_access_cookies, \
set_refresh_cookies
......@@ -53,6 +53,8 @@ def login():
if user is None:
return jsonify({'login': False}), 200
access_token = user.create_access_token()
refresh_token = user.create_refresh_token()
resp = jsonify({
'login': True,
'user': {
......@@ -61,28 +63,31 @@ def login():
'email': user.email,
}
})
set_access_cookies(resp, user.create_access_token())
set_refresh_cookies(resp, user.create_refresh_token())
resp.headers['Authorization'] = "Bearer {}".format(access_token)
set_access_cookies(resp, access_token)
set_refresh_cookies(resp, refresh_token)
return resp, 200
# Same thing as login here, except we are only setting a new cookie
# for the access token.
@auth_app.route('/token/refresh', methods=['POST'])
@auth_app.route('/token/refresh', methods=['GET'])
@jwt_refresh_token_required
def refresh():
from eBookHub.models import User
current_user = User.query.filter_by(email=get_jwt_identity()).first()
access_token = current_user.create_access_token(identity=current_user)
access_token = current_user.create_access_token()
# Set the JWT access cookie in the response
resp = jsonify({'refresh': True})
set_access_cookies(resp, access_token)
resp.headers['Authorization'] = "Bearer {}".format(access_token)
return resp, 200
@auth_app.route('/token/remove', methods=['POST'])
@auth_app.route('/token/remove', methods=['GET'])
def logout():
resp = jsonify({'logout': True})
unset_jwt_cookies(resp)
resp.headers['Authorization'] = ""
return resp, 200
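Review bot: `/token/refresh` and `/token/remove` appear to move from `methods=['POST']` to `methods=['GET']` (the page prints both route lines), which puts two state-changing endpoints behind a method that browsers issue cross-site, prefetch and cache freely. flask_jwt_extended's double-submit CSRF check covers only the methods listed in `JWT_CSRF_METHODS`, and GET is not among the defaults, so unless configuration not shown here changes that, `refresh()` no longer has a CSRF check on its refresh cookie. Keep `methods=['POST']` on both routes and fix the client call instead. Separately, `resp.headers['Authorization'] = "Bearer {}".format(access_token)` hands page script the same token that `set_access_cookies` stores in a cookie, so add a comment stating which transport the client is meant to use and drop the other if it is unused. `make_response` is imported but not used in the visible hunks.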