From 9ab3df8bcd61a07a5eeade60053b30db84409610 Mon Sep 17 00:00:00 2001
From: gongzt
Date: Thu, 27 Apr 2023 10:12:42 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=88=B7=E6=96=B0token?= =?UTF-8?q?=E5=90=8E=EF=BC=8C=E6=97=A7=E7=9A=84token=E4=BB=8D=E7=84=B6?= =?UTF-8?q?=E7=94=9F=E6=95=88=EF=BC=8C=E4=BB=A5=E5=8F=8A=E9=80=80=E5=87=BA?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E5=90=8E=E6=97=A7=E7=9A=84token=E6=9C=89?= =?UTF-8?q?=E6=95=88?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 zeus/account_manager/view.py | 49 +++++++++++++++++++++++++++++-------
 zeus/url.py | 4 ++-
 2 files changed, 43 insertions(+), 10 deletions(-)
diff --git a/zeus/account_manager/view.py b/zeus/account_manager/view.py
index 68194d0..40a0658 100644
--- a/zeus/account_manager/view.py
+++ b/zeus/account_manager/view.py
@@ -15,6 +15,8 @@ Time:
 Author:
 Description: Restful APIs for user
 """
+from jwt.exceptions import ExpiredSignatureError
+
 from vulcanus.conf.constant import REFRESH_TOKEN_EXP
 from vulcanus.database.proxy import RedisProxy
 from vulcanus.log.log import LOGGER
@@ -182,20 +184,49 @@ class RefreshToken(BaseResponse): Returns: dict: response body """ - status = self.verify_token(params.get("refresh_token"), params) - if status != state.SUCCEED: - return self.response(code=status, message="token refreshing failure.") try: - username = decode_token(params.get("refresh_token"))["key"] + refresh_token_info = decode_token(params.get("refresh_token")) + except ExpiredSignatureError: + return self.response(code=state.TOKEN_EXPIRE) + except ValueError: + self.response(code=state.TOKEN_ERROR, message="token refreshing failure.") + + username = refresh_token_info["key"] + old_refresh_token = RedisProxy.redis_connect.get("refresh_token_" + username) + if not old_refresh_token or old_refresh_token != params.get("refresh_token"): + return self.response(code=state.TOKEN_ERROR, message="Invalid token.") + + try: token = generate_token(unique_iden=username) - refresh_token = generate_token( - unique_iden=username, minutes=REFRESH_TOKEN_EXP) + refresh_token = generate_token(unique_iden=username, minutes=REFRESH_TOKEN_EXP) except ValueError: LOGGER.error("Token generation failed,token refreshing failure.") return self.response(code=state.GENERATION_TOKEN_ERROR) - + # Remove an expired token + RedisProxy.redis_connect.delete("token_" + username) + RedisProxy.redis_connect.delete("refresh_token_" + username) + # Set a new token value RedisProxy.redis_connect.set("token_" + username, token) - RedisProxy.redis_connect.set( - "refresh_token_" + username, refresh_token) + RedisProxy.redis_connect.set("refresh_token_" + username, refresh_token) return self.response(code=state.SUCCEED, data=dict(token=token, refresh_token=refresh_token)) + + +class Logout(BaseResponse): + """ + Interface for logout. 
+ Restful API: post
+ """
+
+ @BaseResponse.handle()
+ def post(self, **params):
+ """
+ Refresh token
+
+ Returns:
+ dict: response body
+ """
+ username = params.get("username")
+ RedisProxy.redis_connect.delete("token_" + username)
+ RedisProxy.redis_connect.delete("refresh_token_" + username)
+ return self.response(code=state.SUCCEED)
\ No newline at end of file
diff --git a/zeus/url.py b/zeus/url.py
index ae31276..4f1e78e 100644
--- a/zeus/url.py
+++ b/zeus/url.py
@@ -44,7 +44,8 @@ from vulcanus.conf.constant import (
 QUERY_METRIC_NAMES,
 QUERY_METRIC_DATA,
 QUERY_METRIC_LIST,
- REFRESH_TOKEN
+ REFRESH_TOKEN,
+ LOGOUT
 )
 from zeus.account_manager import view as account_view
 from zeus.agent_manager import view as agent_view
@@ -64,6 +65,7 @@ SPECIFIC_URLS = {
 (account_view.AuthRedirectUrl, AUTH_REDIRECT_URL),
 (account_view.BindAuthAccount, BIND_AUTH_ACCOUNT),
 (account_view.RefreshToken, REFRESH_TOKEN),
+ (account_view.Logout, LOGOUT),
 ],
 "HOST_URLS": [
 (host_view.AddHost, ADD_HOST),
-- Gitee
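Review bot: In the `view.py` hunk at `@@ -182,20 +184,49 @@`, the new `except ValueError:` branch of `RefreshToken.post` calls `self.response(...)` without `return`, so a malformed refresh token falls through to `refresh_token_info["key"]` with that name unbound; the line should read `return self.response(code=state.TOKEN_ERROR, message="token refreshing failure.")`. The added `Logout.post` deletes `token_` and `refresh_token_` for whatever `username` the request supplies, so unless `BaseResponse.handle()` (not visible in this patch) already binds that value to the verified caller, one account's session could be revoked by a request made on behalf of another, and a missing `username` makes `"token_" + username` raise `TypeError`; taking the name from the validated token instead of the request body would address both. The check `old_refresh_token != params.get("refresh_token")` also assumes the Redis client returns `str` rather than `bytes`, which is worth confirming against how `RedisProxy` is configured, since a type mismatch would reject every refresh. The `Logout.post` docstring still reads "Refresh token"; something like `"""Log out by deleting the user's stored token and refresh token."""` would match the code.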