diff --git a/app/lib_general.py b/app/lib_general.py index 20fffd9..d85a5b4 100644 --- a/app/lib_general.py +++ b/app/lib_general.py @@ -68,7 +68,7 @@ def sign_jwt( person_id: str = None, user_id: str = None, ) -> Dict[str, str]: - log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL + log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.debug(locals()) payload = { @@ -94,7 +94,7 @@ def decode_jwt( secret_key: str, token: str, ) -> dict: - log.setLevel(logging.DEBUG) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL + log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL log.debug(locals()) secret = secret_key diff --git a/app/routers/api.py b/app/routers/api.py index 7832ef9..9f7e785 100644 --- a/app/routers/api.py +++ b/app/routers/api.py @@ -17,6 +17,7 @@ from app.models.response_models import Resp_Body_Base, mk_resp router = APIRouter() +# ### BEGIN ### API API ### request_jwt() ### # Generate JWT using associated API private key # Verify JWT using the API public key's associated API private key # API server or trusted app can generate JWTs @@ -30,6 +31,7 @@ router = APIRouter() # * person_id # * user_id # API server verifies JWTs +# Updated 2021-07-14 @router.get('/request_jwt', response_model=Resp_Body_Base) async def request_jwt( x_aether_api_secret_key: Optional[str] = Header(None, min_length=22, max_length=22), # If passed then can also set TTL @@ -50,6 +52,9 @@ async def request_jwt( if x_aether_api_secret_key or x_aether_api_token: pass else: return mk_resp(data=False, status_code=400) # Bad Request + if not x_aether_api_secret_key: max_ttl = 300 # Override any max_ttl if no API secret + if not x_aether_api_secret_key: max_renew = 5 # Override any max_rewnew if no API secret + api_secret_key = x_aether_api_secret_key if x_aether_api_secret_key: 
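Review bot: `log.debug(locals())` directly below the changed `setLevel` line still hands every argument of sign_jwt to the logger, and the same call in decode_jwt (the next hunk) covers `secret_key` and `token`; raising the level to WARNING only hides that until someone switches it back to DEBUG. Log named, non-secret fields instead, e.g. `log.debug('sign_jwt person_id=%s user_id=%s', person_id, user_id)`, and drop the locals() dump in decode_jwt. Calling `log.setLevel(...)` inside each function also resets the level of `log` (presumably a module-level logger) on every call, so setting it once in the logging configuration would keep it consistent. Both function bodies continue outside their hunks.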
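Review bot: The two added `if not x_aether_api_secret_key:` lines cap `max_ttl` and `max_renew` only for callers without the secret, so a request that does send `x_aether_api_secret_key` keeps whatever values it supplied. No upper bound for that path is visible in this diff, and the `max_ttl = 3600` removed in a later hunk was commented out, so it never applied. If these are request parameters, as the signature comment "If passed then can also set TTL" suggests, consider clamping on the secret-key path too, e.g. `max_ttl = min(max_ttl, <MAX_TTL_WITH_SECRET>)` with a project-chosen constant (placeholder name). The two identical conditions can share one `if` block, and the second comment has a typo (`max_rewnew`). request_jwt's body starts and ends outside the hunk.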
@@ -63,26 +68,6 @@ async def request_jwt( else: log.warning('No results when looking up the API secret key') return mk_resp(data=False, status_code=401) # Unauthorized - - # if api_key_rec_select_result.get('enable', None): - # api_key_rec = api_key_rec_select_result - # else: - # log.warning('API secret key not enabled') - # return mk_resp(data=False, status_code=401) # Unauthorized - - # current_datetime = datetime.datetime.utcnow() # datetime.datetime.now() Gets server local datetime - # if api_key_rec.get('enable_from', None) <= current_datetime and api_key_rec.get('enable_to', None) >= current_datetime: - # pass - # else: - # log.warning('API secret key expired') - # return mk_resp(data=False, status_code=401) # Unauthorized - - # if api_public_key := api_key_rec.get('public_key', None): pass - # else: - # log.warning('Public key was not found with the API secret key that was looked up') - # return mk_resp(data=False, status_code=400) # Bad Request - - # max_ttl = 3600 elif x_aether_api_public_key and x_aether_api_token: table_name_select = 'api_key' field_name = 'public_key' @@ -125,7 +110,6 @@ async def request_jwt( message = 'The JWT sent is out of allowed renewals. Try again with a current JWT or just the API secret key.' log.warning(message) return mk_resp(data=False, status_code=401, status_message=message) # Unauthorized - max_ttl = 300 max_renew = current_token.get('max_renew', 0) - 1 if not account_id: account_id = current_token.get('account_id', None) if not person_id: person_id = current_token.get('person_id', None) 
@@ -135,32 +119,6 @@ async def request_jwt( log.warning(message) return mk_resp(data=False, status_code=401, status_message=message) # Unauthorized - # api_key_rec = api_key_rec_select_result - # api_secret_key = x_aether_api_secret_key - - # if api_key_rec_select_result.get('enable', None): - # api_key_rec = api_key_rec_select_result - # else: - # log.warning('API secret key not enabled') - # return mk_resp(data=False, status_code=401) # Unauthorized - - # if x_aether_api_token: - # if current_token := decode_jwt(secret_key=api_secret_key, token=x_aether_api_token): - # if current_token.get('count', 0) > 0: pass - # else: - # message = 'The JWT sent is out of allowed renewals. Try again with a current JWT or just the API secret key.' - # log.warning(message) - # return mk_resp(data=False, status_code=401, status_message=message) # Unauthorized - # max_ttl = 300 - # max_renew = current_token.get('max_renew', 0) - 1 - # if not account_id: account_id = current_token.get('account_id', None) - # if not person_id: person_id = current_token.get('person_id', None) - # if not user_id: user_id = current_token.get('user_id', None) - # else: - # message = 'The JWT sent is either expired or otherwise invalid. Try again with a current JWT or just the API secret key.' - # log.warning(message) - # return mk_resp(data=False, status_code=401, status_message=message) # Unauthorized - payload = {} payload['account_id'] = account_id payload['person_id'] = person_id @@ -170,6 +128,7 @@ async def request_jwt( response_data = { 'api_access_jwt': token } return mk_resp(data=response_data) +# ### END ### API API ### request_jwt() ### @router.get('/temp_token', response_model=Resp_Body_Base)