Added revoking token during logout
This commit is contained in:
Marcin-Ramotowski
16
api/app.py
16
api/app.py
@ -2,10 +2,10 @@ from dotenv import load_dotenv
|
||||
from flask import Flask, jsonify
|
||||
from flask_jwt_extended import JWTManager
|
||||
from jwt import ExpiredSignatureError
|
||||
from models import db
|
||||
from models import db, RevokedToken
|
||||
import os
|
||||
from task_views import task_bp
|
||||
from user_views import user_bp, init_db
|
||||
from utils import init_db
|
||||
from views import user_bp
|
||||
from werkzeug.exceptions import HTTPException
|
||||
|
||||
def create_app(config_name="default"):
|
||||
@ -19,18 +19,24 @@ def create_app(config_name="default"):
|
||||
app.config["TESTING"] = True
|
||||
else:
|
||||
app.config["SQLALCHEMY_DATABASE_URI"] = os.getenv("SQLALCHEMY_DATABASE_URI")
|
||||
|
||||
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
|
||||
|
||||
# JWT settings
|
||||
app.config["JWT_SECRET_KEY"] = os.getenv("JWT_SECRET_KEY", "changeme")
|
||||
|
||||
# Blueprints registration
|
||||
app.register_blueprint(user_bp)
|
||||
app.register_blueprint(task_bp)
|
||||
|
||||
# Database and JWT initialization
|
||||
db.init_app(app)
|
||||
jwt = JWTManager(app)
|
||||
|
||||
# Function to check if JWT token is revoked
|
||||
@jwt.token_in_blocklist_loader
|
||||
def check_if_token_revoked(jwt_header, jwt_payload):
|
||||
token = db.session.get(RevokedToken, jwt_payload["jti"])
|
||||
return token is not None
|
||||
|
||||
# Global error handler
|
||||
@app.errorhandler(Exception)
|
||||
def global_error_handler(error):
|
||||
|
||||
Reference in New Issue
Block a user