import os
from flask_jwt_extended.jwt_manager import JWTManager
from flask import Flask, jsonify
from flask_smorest import Api
from resources.item import blue_print as item_blueprint
from resources.store import blue_print as store_blueprint
from resources.tag import blue_print as tag_blueprint
from resources.user import blue_print as user_blueprint
from db import db
from blocklist import expired_tokens
from flask_migrate import Migrate
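def create_app(db_url=None):
    """Build and configure the Stores REST API Flask application.

    Args:
        db_url: Optional SQLAlchemy database URI. When omitted, the
            ``DATABASE_URL`` environment variable is used, falling back to
            ``sqlite:///data.db``.

    Returns:
        The configured ``Flask`` application with SQLAlchemy, Flask-Migrate,
        the JWT manager and the item/store/tag/user blueprints registered.
    """
    # Local import: only the ephemeral signing-key fallback below needs it.
    import secrets

    app = Flask(__name__)
    app.config['PROPAGATE_EXCEPTIONS'] = True
    app.config['API_TITLE'] = 'Stores REST API'
    app.config['API_VERSION'] = 'v1'
    app.config['OPENAPI_VERSION'] = '3.0.3'
    app.config['OPENAPI_URL_PREFIX'] = '/'
    app.config['OPENAPI_SWAGGER_UI_PATH'] = '/swagger-ui'
    # NOTE(review): the Swagger UI assets come from a third-party CDN and the
    # URL carries no version pin, so the docs page runs whatever the CDN
    # serves. Consider pinning a version or self-hosting the assets.
    app.config['OPENAPI_SWAGGER_UI_URL'] = 'https://cdn.jsdelivr.net/npm/swagger-ui-dist/'
    app.config['SQLALCHEMY_DATABASE_URI'] = db_url or os.getenv('DATABASE_URL', 'sqlite:///data.db')
    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

    # Connect flask app to SQLAlchemy
    db.init_app(app)
    Migrate(app, db)
    api = Api(app)

    # The JWT secret signs every token this API issues; anyone who knows it
    # can mint a valid token for any identity. A constant committed to the
    # repository is therefore not an acceptable fallback. When the variable
    # is unset, use a random per-process key instead, so a missing setting
    # results in rejected tokens rather than forgeable ones.
    jwt_secret = os.getenv('jwt_secret_key')
    if not jwt_secret:
        jwt_secret = secrets.token_hex(32)
        app.logger.warning(
            "jwt_secret_key is not set; using a random per-process signing key. "
            "Issued tokens will not survive a restart or validate across workers."
        )
    app.config['JWT_SECRET_KEY'] = jwt_secret
    jwt = JWTManager(app)

    @jwt.token_in_blocklist_loader
    def check_if_token_in_blocklist(jwt_header, jwt_payload):
        # A token counts as revoked when its unique id (jti) is in the blocklist.
        # NOTE(review): if expired_tokens is an in-process container,
        # revocations are lost on restart and are not shared between
        # workers - confirm against blocklist.py.
        return jwt_payload['jti'] in expired_tokens

    # Customizing JWT frequent error messages for the user
    @jwt.expired_token_loader
    def expired_token_callback(jwt_header, jwt_payload):
        return jsonify({
            "Message": "The token has expired.",
            "error": "token_expired"
        }), 401

    @jwt.invalid_token_loader
    def invalid_token_callback(error):
        return jsonify({"Message": "Signature verification failed.", "error": "Invalid Token"}), 401

    @jwt.unauthorized_loader
    def missing_token_callback(error):
        return jsonify({"description": "Request does not contain an access token",
                        "error": "authorization_required"}), 401

    @jwt.revoked_token_loader
    def revoked_token_callback(jwt_header, jwt_payload):
        # The error code previously carried a stray leading space
        # (" token_revoked"), which an exact match on the code would miss.
        return jsonify({"description": "The token has been revoked", "error": "token_revoked"}), 401

    @jwt.needs_fresh_token_loader
    def token_not_fresh_callback(jwt_header, jwt_payload):
        return jsonify({"description": "The token is not fresh.", "error": "fresh_token_required"}), 401

    # Create all models
    # NOTE(review): create_all() runs alongside Flask-Migrate; tables created
    # here are not tracked by a migration - confirm this is intended.
    with app.app_context():
        db.create_all()

    # register all our APIs
    for blueprint in (item_blueprint, store_blueprint, tag_blueprint, user_blueprint):
        api.register_blueprint(blueprint)

    return app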