class AuthenticationToken:
    """Issue and check signed, time-limited tokens that carry a username.

    Tokens are produced by a ``JSONWebSignatureSerializer`` keyed with
    ``secret_key``. The payload is signed; nothing in this class encrypts it,
    so the username and issue time should be treated as readable by whoever
    holds the token.
    """

    def __init__(self, secret_key, expires_in):
        # The key is kept on the instance and also handed to the serializer;
        # expires_in is the maximum token age compared against time() deltas.
        self.secret_key, self.expires_in = secret_key, expires_in
        self.serializer = JSONWebSignatureSerializer(secret_key)

    def generate_token(self, username):
        """Return a signed token, decoded to ``str``, for *username*.

        The issue time is embedded as ``creation_time`` so that
        ``validate_token`` can enforce the lifetime itself.
        """
        payload = dict(username=username, creation_time=time())
        return self.serializer.dumps(payload).decode()

    def validate_token(self, token):
        """Return the username carried by *token*.

        Anything ``serializer.loads`` raises for a token it rejects is passed
        through unchanged. ``SignatureExpired`` is raised here when the token
        is older than ``expires_in``.
        """
        payload = self.serializer.loads(token.encode())

        # Only "too old" is rejected: a creation_time ahead of the local clock
        # gives a negative age and passes this check. A payload without the
        # expected keys surfaces as KeyError, not as a signature error.
        age = time() - payload['creation_time']
        if age > self.expires_in:
            raise SignatureExpired("The Token has been expired; get a new token")

        return payload['username']
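def _load_secret_key():
    """Return the token-signing key without embedding it in the source.

    The key is read from the ``AUTH_TOKEN_SECRET_KEY`` environment variable
    (a name introduced by this helper, not an existing project setting).
    When the variable is unset or empty, a random key is generated for this
    process instead of falling back to a fixed literal.
    """
    import os
    import secrets

    configured = os.environ.get('AUTH_TOKEN_SECRET_KEY')
    if configured:
        return configured

    # A generated key is different in every process: tokens stop validating
    # after a restart and are not shared between workers. Set the environment
    # variable wherever tokens must survive either of those.
    return secrets.token_urlsafe(32)


# Anyone who knows the signing key can mint a token for any username, so the
# key must not be a short constant committed with the code.
SECRET_KEY = _load_secret_key()
expires_in = 600  # maximum token age passed to AuthenticationToken
auth = AuthenticationToken(SECRET_KEY, expires_in)

app = Flask(__name__)
# The authorizations/security arguments declare an API key carried in the
# AUTH-TOKEN request header. In this file the header is actually checked by
# the requires_auth decorator, so a route is protected only if it is decorated.
api = Api(
    app,
    authorizations={
        'API-KEY': {
            'type': 'apiKey',
            'in': 'header',
            'name': 'AUTH-TOKEN'
        }
    },
    security='API-KEY',
    default="Data",  # Default namespace
    title="Country Dataset",  # Documentation Title
    description="Placeholder",  # Documentation Description
)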
def requires_auth(f):
    """Wrap a view so it runs only when the request carries a valid token.

    The token is read from the ``AUTH-TOKEN`` request header and checked with
    ``auth.validate_token``. A missing header, ``SignatureExpired`` or
    ``BadSignature`` ends the request with 401; any other exception raised
    during validation is not handled here and propagates to the caller.
    """
    @wraps(f)
    def decorated(*args, **kwargs):
        header_value = request.headers.get('AUTH-TOKEN')
        if not header_value:
            abort(401, 'Authentication token is missing')

        try:
            # The username returned by validate_token is not passed on to the
            # view: this decorator authenticates the request but performs no
            # per-user authorization.
            auth.validate_token(header_value)
        except (SignatureExpired, BadSignature) as err:
            # The exception's own message is returned to the client.
            abort(401, err.message)

        return f(*args, **kwargs)

    return decorated
# Schema of the login payload as registered with the API: two string fields.
credential_model = api.model(
    'credential',
    dict.fromkeys(('username', 'password'), fields.String),
)

# Parser for the same two fields. Neither argument is declared required here,
# so code that consumes the parsed values has to cope with one being absent.
credential_parser = reqparse.RequestParser()
for _credential_field in ('username', 'password'):
    credential_parser.add_argument(_credential_field, type=str)
del _credential_field  # keep the loop variable out of the module namespace