diff --git a/app/modules/roxywi/auth.py b/app/modules/roxywi/auth.py
index ea4b7dd5..0ab6dd09 100644
--- a/app/modules/roxywi/auth.py
+++ b/app/modules/roxywi/auth.py
@@ -2,8 +2,6 @@ from typing import Union
 from flask import request, abort, url_for, jsonify
 from flask_jwt_extended import create_access_token, set_access_cookies
-from flask_jwt_extended import get_jwt
-from flask_jwt_extended import verify_jwt_in_request
 import app.modules.db.sql as sql
 import app.modules.db.user as user_sql
@@ -29,8 +27,7 @@ def check_login(user_id: int) -> Union[str, None]:
 def is_access_permit_to_service(service: str) -> bool:
 service_id = service_sql.select_service_id_by_slug(service)
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = roxywi_common.get_jwt_token_claims()
 user_services = user_sql.select_user_services(claims['user_id'])
 if str(service_id) in user_services:
 return True
@@ -42,8 +39,7 @@ def is_admin(level=1, **kwargs):
 if kwargs.get('role_id'):
 role = kwargs.get('role_id')
 else:
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = roxywi_common.get_jwt_token_claims()
 user_id = claims['user_id']
 group_id = claims['group']
diff --git a/app/modules/roxywi/common.py b/app/modules/roxywi/common.py
index 9a0c9d80..e8153a01 100644
--- a/app/modules/roxywi/common.py
+++ b/app/modules/roxywi/common.py
@@ -22,10 +22,16 @@ from app.modules.roxywi.exception import RoxywiResourceNotFound, RoxywiGroupMism
 get_config_var = roxy_wi_tools.GetConfigVar()
+def get_jwt_token_claims() -> dict:
+ verify_jwt_in_request()
+ claims = get_jwt()
+ claim = {'user_id': claims['user_id'], 'group': claims['group']}
+ return claim
+
+
 def get_user_group(**kwargs) -> int:
 try:
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = get_jwt_token_claims()
 user_group_id = claims['group']
 group = group_sql.get_group(user_group_id)
 if group.group_id == int(user_group_id):
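Review bot: `if str(service_id) in user_services:` in `is_access_permit_to_service` is a substring test if `select_user_services` returns a string rather than a list; its return type is not visible in this hunk. In that case an id that is part of another id would also match, so the check should compare whole tokens, for example against a set built from the split value. A short comment stating the expected type of `user_services` would settle it either way. The function body continues outside the hunk.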
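Review bot: In `is_admin`, the `if kwargs.get('role_id'):` branch takes the role from the caller and never reaches `get_jwt_token_claims()`, so the token is verified only on the `else:` path, and nothing in the hunk says where `role_id` may come from. Now that verification is centralised, a docstring should state that `role_id` must be a server-side value already derived from a verified token and never a request parameter. `check_user_group_for_flask` in app/modules/roxywi/common.py has the same shape with `if api_token: return True` and needs the same statement. The body of `is_admin` continues outside the hunk.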
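Review bot: `get_jwt_token_claims()` has no docstring and indexes `claims['user_id']` and `claims['group']` directly, so a validly signed token that lacks either claim surfaces as a bare `KeyError` from the helper rather than as an authentication failure. I would add a docstring saying that the function propagates whatever `verify_jwt_in_request()` raises for a missing or invalid token, and that it returns only the `user_id` and `group` claims, so callers must not expect any other claim in the result. The `get_users_params` hunk shows the effect: the `user_id` lookup used to happen only inside the `try:` block, and the helper now performs it on the line before `try:`. Whether the `except` clause (outside that hunk) was meant to cover a missing claim is not visible, but if it was, the call belongs inside the block, i.e. `try:` followed by `user_data = get_jwt_token_claims()`.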
@@ -43,8 +49,7 @@ def get_user_group(**kwargs) -> int:
 def check_user_group_for_flask(api_token: bool = False):
 if api_token:
 return True
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = get_jwt_token_claims()
 user_id = claims['user_id']
 group_id = claims['group']
@@ -117,8 +122,7 @@ def logging(server_ip: Union[str, int], action: str, **kwargs) -> None:
 setup_logger(log_file)
 # JWT validation and extracting user's information
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = get_jwt_token_claims()
 user_id = claims['user_id']
 user = user_sql.get_user_id(user_id=user_id)
 user_group = get_user_group()
@@ -200,8 +204,7 @@ def get_dick_permit(**kwargs):
 def get_users_params(**kwargs):
- verify_jwt_in_request()
- user_data = get_jwt()
+ user_data = get_jwt_token_claims()
 try:
 user_id = user_data['user_id']
diff --git a/app/modules/roxywi/overview.py b/app/modules/roxywi/overview.py
index c2db0c01..ecf54192 100644
--- a/app/modules/roxywi/overview.py
+++ b/app/modules/roxywi/overview.py
@@ -1,8 +1,6 @@
 import psutil
 import requests
 from flask import render_template, request
-from flask_jwt_extended import get_jwt
-from flask_jwt_extended import verify_jwt_in_request
 import app.modules.db.sql as sql
 import app.modules.db.waf as waf_sql
@@ -41,8 +39,7 @@ def show_sub_ovw() -> str:
 def show_overview(serv) -> str:
 servers = []
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = roxywi_common.get_jwt_token_claims()
 lang = roxywi_common.get_user_lang_for_flask()
 role = user_sql.get_user_role_in_group(claims['user_id'], claims['group'])
 server = server_sql.get_server_by_ip(serv)
diff --git a/app/modules/service/common.py b/app/modules/service/common.py
index 039b7d1f..ecabd87d 100644
--- a/app/modules/service/common.py
+++ b/app/modules/service/common.py
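Review bot: The audit record written by `logging()` depends on `claims = get_jwt_token_claims()` succeeding, and the helper calls `verify_jwt_in_request()`, which raises when the request carries no valid token. Any caller that logs an event for an unauthenticated request would therefore get an exception instead of a log line; whether such callers exist is not visible in this hunk. The existing comment should say so, for example `# Raises if the request has no valid JWT; events for unauthenticated requests are not recorded here`. The token is also resolved a second time by `get_user_group()` two lines later, and the function body continues outside the hunk.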
@@ -2,8 +2,6 @@ from typing import Union
 import requests
 from flask import render_template
-from flask_jwt_extended import get_jwt
-from flask_jwt_extended import verify_jwt_in_request
 import app.modules.db.sql as sql
 import app.modules.db.user as user_sql
@@ -45,8 +43,7 @@ def is_protected(server_ip: str, action: str) -> None:
 :return: None
 :raises: Exception if the server is protected and the user role is not high enough.
 """
- verify_jwt_in_request()
- claims = get_jwt()
+ claims = roxywi_common.get_jwt_token_claims()
 user_role = user_sql.get_user_role_in_group(claims['user_id'], claims['group'])
 if server_sql.is_serv_protected(server_ip) and int(user_role) > 2:
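Review bot: The authorization rule in `is_protected` rests on the bare literal in `int(user_role) > 2`, while the docstring only says the role must be "high enough". A named constant, or a comment such as `# role ids above 2 may not act on protected servers`, would make the rule auditable. If `get_user_role_in_group` can return `None` for a user with no role in the token's group (its contract is outside the hunk), `int(user_role)` raises `TypeError`; that still blocks the action, but as an unhandled error rather than the documented exception. The function body continues outside the hunk.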