flaschengeist/geruecht/routes.py

63 lines
2.1 KiB
Python
Raw Normal View History

from geruecht import app, LOGGER
from geruecht.exceptions import PermissionDenied
import geruecht.controller.accesTokenController as ac
import geruecht.controller.userController as uc
from geruecht.model import MONEY, BAR, USER, GASTRO
2019-04-11 21:56:55 +00:00
from flask import request, jsonify
accesTokenController = ac.AccesTokenController()
userController = uc.UserController()
def login(user, password):
return user.login(password)
2020-01-17 00:05:58 +00:00
2019-04-23 22:08:25 +00:00
@app.route("/valid")
def _valid():
2019-04-23 22:08:25 +00:00
token = request.headers.get("Token")
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [MONEY])
if accToken:
2019-04-23 22:08:25 +00:00
return jsonify(accToken.user.toJSON())
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [BAR])
if accToken:
2019-04-23 22:08:25 +00:00
return jsonify(accToken.user.toJSON())
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [GASTRO])
if accToken:
2019-04-23 22:08:25 +00:00
return jsonify(accToken.user.toJSON())
2020-01-18 22:31:49 +00:00
accToken = accesTokenController.validateAccessToken(token, [USER])
if accToken:
return jsonify(accToken.user.toJSON())
return jsonify({"error": "permission denied"}), 401
2020-01-17 00:05:58 +00:00
2019-04-11 21:56:55 +00:00
@app.route("/login", methods=['POST'])
def _login():
2019-04-17 12:46:46 +00:00
""" Login User
2019-04-17 12:46:46 +00:00
Nothing to say.
Login in User and create an AccessToken for the User.
Returns:
A JSON-File with createt Token or Errors
"""
LOGGER.info("Start log in.")
2019-04-11 21:56:55 +00:00
data = request.get_json()
2019-12-22 21:27:39 +00:00
print(data)
LOGGER.debug("JSON from request: {}".format(data))
2019-04-11 21:56:55 +00:00
username = data['username']
password = data['password']
LOGGER.info("search {} in database".format(username))
try:
user = userController.loginUser(username, password)
2020-01-17 00:05:58 +00:00
user.password = password
token = accesTokenController.createAccesToken(user)
dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
dic["token"] = token
dic["accessToken"] = token
LOGGER.info("User {} success login.".format(username))
return jsonify(dic)
except PermissionDenied as err:
return jsonify({"error": str(err)}), 401
LOGGER.info("User {} does not exist.".format(username))
return jsonify({"error": "wrong username"}), 401