								from geruecht import app, LOGGER
								from geruecht.exceptions import PermissionDenied
								import geruecht.controller.accesTokenController as ac
								import geruecht.controller.userController as uc
								from geruecht.model import MONEY, BAR, USER, GASTRO
								from flask import request, jsonify
								# Module-level controller instance; the handlers in this file call it to create and validate access tokens.
								accesTokenController = ac.AccesTokenController()
								# Module-level controller instance; the handlers in this file call it for user login and the price list.
								userController = uc.UserController()
								def login(user, password):
								    """Hand *password* to ``user.login`` and pass its result back unchanged."""
								    outcome = user.login(password)
								    return outcome
								@app.route("/valid")
								def _valid():
								    """Return the JSON form of the user owning the request's ``Token`` header.

								    The token is offered to ``validateAccessToken`` once per group, in the
								    order MONEY, BAR, GASTRO, USER, and the first truthy result is used.

								    Returns:
								        The user's JSON, or ``{"error": "permission denied"}`` with HTTP 401
								        when no group yields a token object.
								    """
								    # headers.get() gives None when the header is absent; that value is passed on as-is.
								    presented = request.headers.get("Token")
								    for group in (MONEY, BAR, GASTRO, USER):
								        granted = accesTokenController.validateAccessToken(presented, [group])
								        if granted:
								            # NOTE(review): toJSON() is not visible here, and _login assigns
								            # user.password; confirm the serialised form omits it.
								            return jsonify(granted.user.toJSON())
								    return jsonify({"error": "permission denied"}), 401
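								@app.route("/pricelist", methods=['GET'])
								def _getPricelist():
								    """Return the price list from ``userController.getPricelist()`` as JSON.

								    This handler reads no token from the request.

								    Returns:
								        The price list as a JSON response, or ``{"error": ...}`` with HTTP 500
								        when the lookup or serialisation raises.
								    """
								    try:
								        retVal = userController.getPricelist()
								        return jsonify(retVal)
								    except Exception as err:
								        # Exception text can carry backend details, so it stays in the server
								        # log; the caller gets a fixed message and a 5xx status instead of a 200.
								        LOGGER.info("Could not load pricelist: {}".format(err))
								        return jsonify({"error": "could not load pricelist"}), 500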
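								@app.route("/login", methods=['POST'])
								def _login():
								    """Log a user in and create an access token for them.

								    Expects a JSON body with ``username`` and ``password``. The credentials
								    go to ``userController.loginUser``; on success a token is created with
								    ``createAccesToken`` and returned together with the user's JSON form.

								    Returns:
								        The user's JSON with ``token`` and ``accessToken`` set, or
								        ``{"error": ...}`` with HTTP 400 for a body lacking the two fields
								        and HTTP 401 when the login is refused or fails.
								    """
								    LOGGER.info("Start log in.")
								    data = request.get_json()
								    # The body holds the cleartext password, so it is never printed or logged
								    # as a whole; only the key names are.
								    if not isinstance(data, dict) or 'username' not in data or 'password' not in data:
								        LOGGER.debug("Login request without username/password fields.")
								        return jsonify({"error": "username and password required"}), 400
								    LOGGER.debug("JSON keys from request: {}".format(sorted(data)))
								    username = data['username']
								    password = data['password']
								    # NOTE(review): username is caller-controlled and ends up in log lines;
								    # confirm the log sink neutralises control characters.
								    LOGGER.info("search {} in database".format(username))
								    try:
								        user, ldap_conn = userController.loginUser(username, password)
								        # NOTE(review): this keeps the cleartext password on the user object, and
								        # toJSON() below is not visible here; confirm it does not serialise it.
								        user.password = password
								        token = accesTokenController.createAccesToken(user, ldap_conn)
								        dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
								        dic["token"] = token
								        dic["accessToken"] = token
								        LOGGER.info("User {} success login.".format(username))
								        return jsonify(dic)
								    except PermissionDenied as err:
								        # NOTE(review): the exception text goes to the caller; confirm it does
								        # not distinguish an unknown user from a wrong password.
								        LOGGER.info("Login for {} denied.".format(username))
								        return jsonify({"error": str(err)}), 401
								    except Exception as err:
								        # Unexpected failures still answer 401 with a fixed message, but the
								        # exception type is logged rather than dropped. The message itself is
								        # left out because it may echo credentials or backend details.
								        LOGGER.info("Login for {} failed: {}".format(username, type(err).__name__))
								        return jsonify({"error": "permission denied"}), 401
								    # The trailing "does not exist" log and "wrong username" return were
								    # unreachable (every path above returns) and have been removed.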