Merge staging-next-21.05 into staging-21.05

This commit is contained in:
github-actions[bot] 2021-09-14 06:03:14 +00:00 committed by GitHub
commit 85e990280d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 58 additions and 13 deletions

View File

@ -5,7 +5,6 @@
, colorama
, click
, email_validator
, fetchpatch
, flask
, flask-babel
, flask_login
@ -26,23 +25,18 @@
buildPythonPackage rec {
pname = "flask-appbuilder";
version = "3.3.0";
version = "3.3.2";
src = fetchPypi {
pname = "Flask-AppBuilder";
inherit version;
sha256 = "00dsfv1apl6483wy20aj91f9h5ak2casbx5vcajv2nd3i7c7v8gx";
sha256 = "1js1nbal020ilqdrmd471zjab9jj6489fxy4583n55bh5fyiac6i";
};
patches = [
# https://github.com/dpgaspar/Flask-AppBuilder/pull/1610
(fetchpatch {
name = "flask_jwt_extended-and-pyjwt-patch";
url = "https://github.com/dpgaspar/Flask-AppBuilder/commit/7097a7b133f27c78d2b54d2a46e4a4c24478a066.patch";
sha256 = "sha256-ZpY8+2Hoz3z01GVtw2OIbQcsmAwa7iwilFWzgcGhY1w=";
includes = [ "flask_appbuilder/security/manager.py" "setup.py" ];
})
];
# See here: https://github.com/dpgaspar/Flask-AppBuilder/commit/7097a7b133f27c78d2b54d2a46e4a4c24478a066.patch
# https://github.com/dpgaspar/Flask-AppBuilder/pull/1610
# The patch from the PR doesn't apply cleanly so I edited it manually.
patches = [ ./upgrade-to-flask_jwt_extended-4.patch ];
propagatedBuildInputs = [
apispec
@ -70,9 +64,15 @@ buildPythonPackage rec {
postPatch = ''
substituteInPlace setup.py \
--replace "apispec[yaml]>=3.3, <4" "apispec[yaml] >=3.3, <5" \
--replace "click>=6.7, <8" "click" \
--replace "Flask>=0.12, <2" "Flask" \
--replace "Flask-Login>=0.3, <0.5" "Flask-Login >=0.3, <0.6" \
--replace "Flask-Babel>=1, <2" "Flask-Babel >=1, <3" \
--replace "marshmallow-sqlalchemy>=0.22.0, <0.24.0" "marshmallow-sqlalchemy >=0.22.0, <0.25.0"
--replace "Flask-WTF>=0.14.2, <0.15.0" "Flask-WTF" \
--replace "marshmallow-sqlalchemy>=0.22.0, <0.24.0" "marshmallow-sqlalchemy" \
--replace "Flask-JWT-Extended>=3.18, <4" "Flask-JWT-Extended>=4.1.0" \
--replace "PyJWT>=1.7.1, <2.0.0" "PyJWT>=2.0.1" \
--replace "SQLAlchemy<1.4.0" "SQLAlchemy"
'';
# Majority of tests require network access or mongo

View File

@ -0,0 +1,45 @@
diff --git a/flask_appbuilder/security/api.py b/flask_appbuilder/security/api.py
index 2e2dfd612..df1bd5a25 100644
--- a/flask_appbuilder/security/api.py
+++ b/flask_appbuilder/security/api.py
@@ -3,7 +3,7 @@
create_access_token,
create_refresh_token,
get_jwt_identity,
- jwt_refresh_token_required,
+ jwt_required,
)
from ..api import BaseApi, safe
@@ -118,7 +118,7 @@ def login(self):
return self.response(200, **resp)
@expose("/refresh", methods=["POST"])
- @jwt_refresh_token_required
+ @jwt_required(refresh=True)
@safe
def refresh(self):
"""
diff --git a/flask_appbuilder/security/manager.py b/flask_appbuilder/security/manager.py
index fe7697007..3b22ab255 100644
--- a/flask_appbuilder/security/manager.py
+++ b/flask_appbuilder/security/manager.py
@@ -297,7 +297,7 @@ def create_jwt_manager(self, app) -> JWTManager:
"""
jwt_manager = JWTManager()
jwt_manager.init_app(app)
- jwt_manager.user_loader_callback_loader(self.load_user_jwt)
+ jwt_manager.user_lookup_loader(self.load_user_jwt)
return jwt_manager
def create_builtin_roles(self):
@@ -1944,7 +1944,8 @@ def del_permission_role(self, role, perm_view):
def load_user(self, pk):
return self.get_user_by_id(int(pk))
- def load_user_jwt(self, pk):
+ def load_user_jwt(self, _jwt_header, jwt_data):
+ pk = jwt_data["sub"]
user = self.load_user(pk)
# Set flask g.user to JWT user, we can't do it on before request
g.user = user