Skip to content

Instantly share code, notes, and snippets.

@AvasDream

AvasDream/jwt.md

Created January 23, 2020 14:14
Show Gist options
  • Save AvasDream/f1546b52df59d4ab9cfe5fcd3be204fa to your computer and use it in GitHub Desktop.
Save AvasDream/f1546b52df59d4ab9cfe5fcd3be204fa to your computer and use it in GitHub Desktop.
Download ZIP
Quick and dirty get all JWT tokens script for creating a permission matrix.
Raw
jwt.md 
import requests
import json
import time

users = [
    {
        "email": "[email protected]",
        "password": "password"
    }
]


def main():
    """ Login all Users """
    url = "https://test.de/login"
    results = ""
    raw_token = ""
    for elem in users:
        tmp = f"Email: {elem['email']}\n"
        resp = requests.post(url,
                             headers={
                                 "Authorization": f"{elem['email']}:{elem['password']}"
                             })
        data = resp.content.decode('utf-8')
        data_json = json.loads(data)
        # print(data_json)
        tmp += f"ID: {data_json['user']['id']}\n"
        for role in data_json['user']['extra_roles']:
            tmp += f"ROLE: {role['role']['name']}\n"
        tmp += f"TOKEN:\n {data_json['token']}"
        raw_token += f"{data_json['token']}\n"
        tmp += "\n\n"
        results += tmp + "\n"
    t = time.localtime()
    current_time = time.strftime("%H-%M-%S", t)
    fname = f"all-{current_time}.txt"
    f = open(fname, "w")
    f.write(results)
    f.close()
    fname2 = f"tokens-{current_time}.txt"
    f = open(fname2, "w")
    f.write(raw_token)
    f.close()
    print("Finished")


if __name__ == "__main__":
    main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment