moved the hook to add the cookies to the response into the base class to avoid re-coding it in every place it is needed.
Chris Veilleux
parent
70ccab71de
commit
aea9851116
|
|
@ -8,8 +8,6 @@ authentication, which uses a 3rd party authentication, like Google.
|
||||||
from binascii import a2b_base64
|
from binascii import a2b_base64
|
||||||
from http import HTTPStatus
|
from http import HTTPStatus
|
||||||
|
|
||||||
from flask import after_this_request
|
|
||||||
|
|
||||||
from selene.account import Account, AccountRepository, RefreshTokenRepository
|
from selene.account import Account, AccountRepository, RefreshTokenRepository
|
||||||
from selene.api import SeleneEndpoint
|
from selene.api import SeleneEndpoint
|
||||||
from selene.util.auth import AuthenticationError
|
from selene.util.auth import AuthenticationError
|
||||||
|
|
@ -30,21 +28,12 @@ class AuthenticateInternalEndpoint(SeleneEndpoint):
|
||||||
self._authenticate_credentials()
|
self._authenticate_credentials()
|
||||||
access_token, refresh_token = self._generate_tokens()
|
access_token, refresh_token = self._generate_tokens()
|
||||||
self._add_refresh_token_to_db(refresh_token)
|
self._add_refresh_token_to_db(refresh_token)
|
||||||
cookies = self._generate_token_cookies(access_token, refresh_token)
|
self._generate_token_cookies(access_token, refresh_token)
|
||||||
except AuthenticationError as ae:
|
except AuthenticationError as ae:
|
||||||
cookies = None
|
|
||||||
self.response = (str(ae), HTTPStatus.UNAUTHORIZED)
|
self.response = (str(ae), HTTPStatus.UNAUTHORIZED)
|
||||||
else:
|
else:
|
||||||
self._build_response()
|
self._build_response()
|
||||||
|
|
||||||
@after_this_request
|
|
||||||
def set_cookies(response):
|
|
||||||
if cookies is not None:
|
|
||||||
access_token_cookie, refresh_token_cookie = cookies
|
|
||||||
response.set_cookie(**access_token_cookie)
|
|
||||||
response.set_cookie(**refresh_token_cookie)
|
|
||||||
return response
|
|
||||||
|
|
||||||
return self.response
|
return self.response
|
||||||
|
|
||||||
def _authenticate_credentials(self):
|
def _authenticate_credentials(self):
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
from http import HTTPStatus
|
from http import HTTPStatus
|
||||||
|
|
||||||
from flask import request, current_app
|
from flask import after_this_request, current_app, request
|
||||||
from flask_restful import Resource
|
from flask_restful import Resource
|
||||||
|
|
||||||
from selene.account import Account, AccountRepository, RefreshTokenRepository
|
from selene.account import Account, AccountRepository, RefreshTokenRepository
|
||||||
|
|
@ -138,7 +138,12 @@ class SeleneEndpoint(Resource):
|
||||||
httponly=True
|
httponly=True
|
||||||
)
|
)
|
||||||
|
|
||||||
return access_token_cookie, refresh_token_cookie
|
@after_this_request
|
||||||
|
def set_cookies(response):
|
||||||
|
response.set_cookie(**access_token_cookie)
|
||||||
|
response.set_cookie(**refresh_token_cookie)
|
||||||
|
|
||||||
|
return response
|
||||||
|
|
||||||
def _update_refresh_token_on_db(self, new_refresh_token):
|
def _update_refresh_token_on_db(self, new_refresh_token):
|
||||||
old_refresh_token = self.request.cookies['seleneRefresh']
|
old_refresh_token = self.request.cookies['seleneRefresh']
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue