flaschengeist/geruecht/routes.py

83 lines
2.7 KiB
Python
Raw Normal View History

from geruecht import app, LOGGER
from geruecht.exceptions import PermissionDenied
import geruecht.controller.accesTokenController as ac
import geruecht.controller.userController as uc
from geruecht.model import MONEY, BAR, USER, GASTRO
2019-04-11 21:56:55 +00:00
from flask import request, jsonify
accesTokenController = ac.AccesTokenController()
userController = uc.UserController()
def login(user, password):
return user.login(password)
2020-01-17 00:05:58 +00:00
2019-04-23 22:08:25 +00:00
@app.route("/valid")
def _valid():
2019-04-23 22:08:25 +00:00
token = request.headers.get("Token")
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [MONEY])
if accToken:
2019-04-23 22:08:25 +00:00
return jsonify(accToken.user.toJSON())
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [BAR])
if accToken:
2019-04-23 22:08:25 +00:00
return jsonify(accToken.user.toJSON())
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [GASTRO])
if accToken:
2019-04-23 22:08:25 +00:00
return jsonify(accToken.user.toJSON())
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [USER])
if accToken:
return jsonify(accToken.user.toJSON())
return jsonify({"error": "permission denied"}), 401
2020-02-27 20:55:00 +00:00
@app.route("/pricelist", methods=['GET'])
def _getPricelist():
try:
retVal = userController.getPricelist()
print(retVal)
return jsonify(retVal)
except Exception as err:
return jsonify({"error": str(err)})
@app.route('/drinkTypes', methods=['GET'])
def getTypes():
try:
retVal = userController.getAllDrinkTypes()
return jsonify(retVal)
except Exception as err:
return jsonify({"error": str(err)}), 500
2020-02-27 20:55:00 +00:00
2020-01-17 00:05:58 +00:00
2019-04-11 21:56:55 +00:00
@app.route("/login", methods=['POST'])
def _login():
2019-04-17 12:46:46 +00:00
""" Login User
2019-04-17 12:46:46 +00:00
Nothing to say.
Login in User and create an AccessToken for the User.
Returns:
A JSON-File with createt Token or Errors
"""
LOGGER.info("Start log in.")
2019-04-11 21:56:55 +00:00
data = request.get_json()
2019-12-22 21:27:39 +00:00
print(data)
LOGGER.debug("JSON from request: {}".format(data))
2019-04-11 21:56:55 +00:00
username = data['username']
password = data['password']
LOGGER.info("search {} in database".format(username))
try:
2020-01-26 22:31:22 +00:00
user, ldap_conn = userController.loginUser(username, password)
2020-01-17 00:05:58 +00:00
user.password = password
2020-01-26 22:31:22 +00:00
token = accesTokenController.createAccesToken(user, ldap_conn)
dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
dic["token"] = token
dic["accessToken"] = token
LOGGER.info("User {} success login.".format(username))
return jsonify(dic)
except PermissionDenied as err:
return jsonify({"error": str(err)}), 401
except Exception:
return jsonify({"error": "permission denied"}), 401
LOGGER.info("User {} does not exist.".format(username))
return jsonify({"error": "wrong username"}), 401