From 9727d183459ea374b97889cfecebf77aba3487ff Mon Sep 17 00:00:00 2001
From: chris
Date: Mon, 10 Mar 2025 23:12:20 +0000
Subject: [PATCH] Upload files to "auth" Add auth to initial commit
---
auth/__init__.py | 4 ++++
auth/jwt_controller.py | 20 ++++++++++++++++++++
auth/sessions.py | 19 +++++++++++++++++++
3 files changed, 43 insertions(+)
create mode 100644 auth/__init__.py
create mode 100644 auth/jwt_controller.py
create mode 100644 auth/sessions.py
diff --git a/auth/__init__.py b/auth/__init__.py
new file mode 100644
index 0000000..9656de5
--- /dev/null
+++ b/auth/__init__.py
@@ -0,0 +1,4 @@
+from flask_login import LoginManager
+
+login = LoginManager()
+
diff --git a/auth/jwt_controller.py b/auth/jwt_controller.py
new file mode 100644
index 0000000..bcb46a2
--- /dev/null
+++ b/auth/jwt_controller.py
@@ -0,0 +1,20 @@
+from datetime import timedelta
+import redis
+from flask_jwt_extended import JWTManager
+
+jwt = JWTManager()
+redis_jwt_blocklist = redis.StrictRedis(host='redis', port=6379, password='ijfijfijf++', db=0, decode_responses=True)
+
+
+@jwt.token_in_blocklist_loader
+def check_if_token_revoked(jwt_header, jwt_payload):
+ jti = jwt_payload['jti']
+ token_in_redis = redis_jwt_blocklist.get(jti)
+ return token_in_redis is not None
+
+
+def revoke_token(jti):
+ redis_jwt_blocklist.set(jti, "", ex=timedelta(hours=2))
+
+
+
diff --git a/auth/sessions.py b/auth/sessions.py
new file mode 100644
index 0000000..687da12
--- /dev/null
+++ b/auth/sessions.py
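Review bot: In auth/jwt_controller.py the Redis password is committed as a string literal in the `redis.StrictRedis(...)` call, so anyone with read access to the repository or its history holds the credential for the token blocklist store. Load it from configuration instead, e.g. `password=os.environ["REDIS_PASSWORD"]` (variable name illustrative, needs `import os`), and rotate the current value since it is already in history. Separately, `revoke_token` stores the jti with a fixed `ex=timedelta(hours=2)`; if the configured token lifetime (not visible in this patch) is longer than that, the blocklist entry expires first and `check_if_token_revoked` stops reporting the token as revoked, so the TTL is better derived from the token's `exp` claim or the configured expiry.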
@@ -0,0 +1,19 @@
+from flask.sessions import SecureCookieSessionInterface
+from flask import g
+from flask_login import user_loaded_from_request
+
+
+@user_loaded_from_request.connect
+def user_loaded_from_request(app, user=None):
+ g.login_via_request = True
+
+
+class JWTSessionInterface(SecureCookieSessionInterface):
+ """This is a custom session interface that will turn off cookies for flask requests so that JWT tokens can be used instead."""
+ def should_set_cookie(self, app, session):
+ return False
+
+ def save_session(self, app, session, response):
+ if g.get('login_via_request'):
+ return
+ return super(JWTSessionInterface, self).save_session(app, session, response)
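Review bot: In `JWTSessionInterface`, `should_set_cookie` returns False unconditionally, and Flask's base `save_session` consults it before writing the cookie, so the `g.get('login_via_request')` early return in `save_session` does not appear to change the outcome: no session cookie is set for any request. If cookies should be suppressed only for request-authenticated users, drop the `should_set_cookie` override and keep the guard; if they should never be set, the `save_session` override can go and the docstring should state that anything stored in `session` (flashed messages, CSRF state) will not persist between requests. Also, the handler `user_loaded_from_request` rebinds the name of the imported signal it connects to; renaming it, e.g. `def _mark_login_via_request(app, user=None):`, keeps the signal reachable from this module.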