Ajout du refresh_token

0c12fa95 · Jérémie Passerat · e5ee0da7 · 0c12fa95
Commit 0c12fa95 authored Sep 16, 2021 by Jérémie Passerat
Show whitespace changes
Inline Side-by-side

Showing with 21 additions and 13 deletions

app.py app.py +21 -13

No files found.
--- a/app.py
+++ b/app.py
@@ -10,7 +10,7 @@ from flask import Flask
 from flask import request, jsonify, Blueprint, make_response, send_file
 from flask_cors import CORS, cross_origin
 from flask_jwt_extended import JWTManager
-from flask_jwt_extended import create_access_token, get_jwt, set_access_cookies
+from flask_jwt_extended import create_access_token, get_jwt, set_access_cookies, create_refresh_token
 from flask_jwt_extended import get_jwt_identity
 from flask_jwt_extended import jwt_required
 from flask_restx import Api, Resource
@@ -36,7 +36,6 @@ en_cours_dao = EncoursDao()
 client = MongoClient('localhost', 27017)
 base_donnees = client.squelette
 app.config["JWT_SECRET_KEY"] = "l'ordinateur-c'est-magique"  # Change this!
 jwt = JWTManager(app)
@@ -81,17 +80,22 @@ def my_invalid_token_callback(expired_token):
 @app.after_request
 def refresh_expiring_jwts(response):
    try:
-        exp_timestamp = get_jwt()["exp"]
+        print(get_jwt())
-        now = datetime.now(timezone.utc)
-        target_timestamp = datetime.timestamp(now + timedelta(minutes=30))
-        if target_timestamp > exp_timestamp:
-            access_token = create_access_token(identity=get_jwt_identity())
-            set_access_cookies(response, access_token)
        return response
    except (RuntimeError, KeyError):
-        # Case where there is not a valid JWT. Just return the original respone
        return response
+## *********************************************************************************************************************
+## Fonction pour recharger le token d'accès
+@app.route("/refreshToken", methods=['GET'])
+@jwt_required(refresh=True)
+def refresh():
+    identity = get_jwt_identity()
+    print("identity : " + identity)
+    access_token = create_access_token(identity=identity)
+    return jsonify(access_token=access_token)
 ## *********************************************************************************************************************
 ## Test de manipulation des images
@@ -136,16 +140,17 @@ class VerifierUtilisateur(Resource):
        if utilisateur_dao.presence_utilisateur(request.args.get("login")):
            try:
-                identity = get_jwt_identity()
+                identity = get_jwt_identity()
                access_token = create_access_token(identity=identity)
            except RuntimeError:
                randomChaine = (''.join(random.choice(string.ascii_letters + string.digits) for _ in range(10)))
-                access_token = create_access_token(identity=request.args.get("login"))
+                access_token = create_access_token(identity=randomChaine)
-                response = jsonify({"msg": "login successful"})
+                refresh_token = create_refresh_token(identity=randomChaine)
-                return make_response(jsonify(access_token=access_token), 200)
+                return make_response(jsonify(access_token=access_token, refresh_token=refresh_token), 200)
        else:
            return "L'utilisateur n'existe pas", 400
@@ -299,8 +304,11 @@ class GetContenuPanier(Resource):
    ## récupérer le contenu du panier d'un auteur
    @jwt_required()
    def get(self, auteur):
+        exp_timestamp = get_jwt()["exp"]
        now = datetime.now(timezone.utc)
        target_timestamp = datetime.timestamp(now + timedelta(minutes=30))
+        print("tuttutututu : ", datetime.fromtimestamp(exp_timestamp - target_timestamp))
        auteur = auteur.replace("_", " ")
        return json.loads(
            json.dumps(contenu_dao.get_contenus(auteur, request.args.get("perso"), request.args.get("tiers"),