api/v1/handlers/authentication/refresh.py
2024-01-15 13:32:24 +01:00

71 lines
2.4 KiB
Python

import sys
import os
current = os.path.dirname(os.path.realpath(__file__))
parent = os.path.dirname(current)
sys.path.append(parent)
import tornado
from ioutils.base import BaseHandler
from ioutils.errors import ErrorCode, ErrorMessage
from piracyshield_service.authentication.verify_refresh_token import AuthenticationVerifyRefreshTokenService
from piracyshield_service.authentication.generate_access_token import AuthenticationGenerateAccessTokenService
from piracyshield_component.exception import ApplicationException
class AuthenticationRefreshHandler(BaseHandler):
"""
Get another JWT access token once the main has expired.
"""
optional_fields = [
'refresh_token'
]
async def post(self):
# use stored refresh token when available
refresh_token = self.get_refresh_cookie()
# if no cookie available, generate a new access_token via POSTed refresh_token
if not refresh_token:
# if no refresh_token is found, we have an error
if self.handle_post(required_fields = None, optional_fields = self.optional_fields) == False:
return
if not self.request_data.get('refresh_token'):
return self.error(status_code = 403, error_code = ErrorCode.MISSING_REFRESH_TOKEN, message = ErrorMessage.MISSING_REFRESH_TOKEN)
refresh_token = self.request_data.get('refresh_token')
try:
access_token = await tornado.ioloop.IOLoop.current().run_in_executor(
None,
self.process,
refresh_token
)
# return the access_token
self.success(data = {
'access_token': access_token
})
except ApplicationException as e:
self.error(status_code = 400, error_code = e.code, message = e.message)
def process(self, refresh_token: str) -> str:
authentication_verify_refresh_token_service = AuthenticationVerifyRefreshTokenService()
# verify the token and unwrap the payload
payload = authentication_verify_refresh_token_service.execute(
token = refresh_token
)
authentication_generate_access_token_service = AuthenticationGenerateAccessTokenService()
# generate a new access token
access_token = authentication_generate_access_token_service.execute(payload)
return access_token