CODEWITHSUNDEEP
pythonangularauthentication
Vladimir Despotovic
Vladimir Despotovic

Reputation: 3505

How to connect Python Flask CAS server to angular application?

I have the python server (Flask more precisely) up and running and it is connecting correctly to my CAS server, redirecting to CAS login, and returning correct user data upon login. This is relevant code from flask server:

app.secret_key = "SOMESECRETKEY"

cas_client = CASClient(
    version=3,
    service_url="http://localhost:5000/login?next=%2Fprofile",
    server_url='https://django-cas-ng-demo-server.herokuapp.com/cas/'

)

@app.route("/profile")
def profile(method=["GET"]):
    if "username" in session:
        jawt = jwt.encode(session["user_attributes"], app.secret_key, algorithm="HS256")
    return redirect("http://localhost:4200/?accessToken=" + jawt)

The data is returned to the angular page, via GET method redirect (see code above). I don't want to send the accessToken by GET method, but rather, I want to store it in localStorage. How can I do that, from python, but WITHOUT first sending it as GET parameter?

Upvotes: 0

Views: 308

Answers (1)

roman
roman

Reputation: 525

Ideally, the token is returned by whatever route implements the login functionality, but if that's not possible you can create a specific route just for that and save it in localStorage:

from flask import jsonify

@app.route("/token")
def token(method=["GET"]):
    if "username" not in session:
        abort(403)
    token = jwt.encode(session["user_attributes"], app.secret_key, algorithm="HS256")
    return jsonify(token=token)

and then create another route to return profile details:

import requests
from flask import jsonify, request

@app.route("/profile")
def profile(method=["GET"]):
    token = get_token_from_authorization_header(request)
    qs = {"accessToken": token}
    resp = requests.get("http://localhost:4200", params=qs)
    if not resp.ok:
        abort(403)
    return resp.json()

Upvotes: 1

Related Questions