feature-8986: API to get user ID with JWT token (#8989)

* feature-8986: API to get user ID with JWT token

* feature-8986: API to get user ID with JWT token

* feature-8986: API to get user ID with JWT token

* feature-8986: API to get user ID with JWT token

* feature-8986: Update documentation for API

---------

Co-authored-by: ntthitrinh <[email protected]>
Co-authored-by: cweitat <[email protected]>

Author: 3 people

app/api/custom/users.py

@@ -0,0 +1,30 @@
+import jwt
+from flask import Blueprint, current_app, request
+
+from app.api.helpers.permissions import jwt_required
+
+users_routes = Blueprint('users_routes', __name__, url_prefix='/v1/users')
+
+
+@users_routes.route('/user-details/get-user-id', methods=['GET'])
+@jwt_required
+def get_user_id():
+    """
+    Get user id from token
+    """
+    token = None
+    if "Authorization" in request.headers:
+        token = request.headers["Authorization"].split(" ")[1]
+    if not token:
+        return {
+            "message": "Authentication Token is missing!",
+            "data": None,
+            "error": "Unauthorized",
+        }, 401
+    try:
+        data = jwt.decode(token, current_app.config["SECRET_KEY"], algorithms=["HS256"])
+        if not data.get('identity', False):
+            return {"message": "Can't get user id!", "data": None}, 404
+        return {"user_id": data["identity"]}, 200
+    except UnicodeDecodeError:
+        return {"message": "Can't get user id!", "data": None}, 500

app/instance.py

@@ -169,6 +169,7 @@ def create_app():
         from app.api.custom.group_role_invite import group_role_invites_routes
         from app.api.video_stream import streams_routes
         from app.api.events import events_blueprint
+        from app.api.custom.users import users_routes
 
         app.register_blueprint(api_v1)
         app.register_blueprint(event_copy)
@@ -202,6 +203,7 @@ def create_app():
         app.register_blueprint(events_blueprint)
         app.register_blueprint(tickets_routes)
         app.register_blueprint(group_role_invites_routes)
+        app.register_blueprint(users_routes)
 
         add_engine_pidguard(db.engine)
 

docs/api/blueprint/user/users.apib

@@ -1471,3 +1471,24 @@ Check if the email passed is available or not. True is returned if the email is
         {
             "exists": true
         }
+
+
+## Get User ID [/v1/users/user-details/get-user-id]
+
+### Get User ID [GET]
+
+Get the user id using JWT token
+
++ Request
+
+    + Headers
+
+            Accept: application/json
+
+            Authorization: JWT <Auth Key>
+
++ Response 200 (application/json)
+
+        {
+            "user_id": "2"
+        }

tests/all/integration/api/helpers/test_auth.py

@@ -1,3 +1,5 @@
+import json
+
 from flask_login import login_user, logout_user
 
 from app.api.helpers.auth import AuthManager
@@ -41,3 +43,16 @@ def test_check_auth_admin(db):
     user.is_admin = False
     status = AuthManager.check_auth_admin('[email protected]', 'password')
     assert False == status
+
+
+def test_get_user_id(client, jwt):
+    """Method to test get user id"""
+
+    response = client.get(
+        '/v1/users/user-details/get-user-id',
+        content_type='application/vnd.api+json',
+        headers=jwt,
+    )
+
+    assert response.status_code == 200
+    assert json.loads(response.data)['user_id']