From 39095af89121a8c55e43b409ea08f6c24ecc1e2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20Gr=C3=B6ger?=
Date: Sat, 7 Mar 2020 14:56:44 +0100
Subject: [PATCH] finished ##218
---
 geruecht/controller/accesTokenController.py | 25 ++++++++------
 geruecht/model/accessToken.py | 3 +-
 geruecht/routes.py | 37 +++++++++++++++++++++
 3 files changed, 53 insertions(+), 12 deletions(-)
diff --git a/geruecht/controller/accesTokenController.py b/geruecht/controller/accesTokenController.py
index dd7a4ae..19d3951 100644
--- a/geruecht/controller/accesTokenController.py
+++ b/geruecht/controller/accesTokenController.py
@@ -53,25 +53,28 @@ class AccesTokenController(metaclass=Singleton):
 """
 LOGGER.info("Verify AccessToken with token: {} and group: {}".format(token, group))
 for accToken in self.tokenList:
- LOGGER.debug("Check is token {} same as in AccessToken {}".format(token, accToken))
- if accToken == token:
- LOGGER.debug("AccessToken is {}".format(accToken))
- endTime = accToken.timestamp + timedelta(seconds=self.lifetime)
- now = datetime.now()
- LOGGER.debug("Check if AccessToken's Endtime {} is bigger then now {}".format(endTime, now))
- if now <= endTime:
+ LOGGER.debug("AccessToken is {}".format(accToken))
+ endTime = accToken.timestamp + timedelta(seconds=accToken.lifetime)
+ now = datetime.now()
+ LOGGER.debug("Check if AccessToken's Endtime {} is bigger then now {}".format(endTime, now))
+ if now <= endTime:
+ LOGGER.debug("Check is token {} same as in AccessToken {}".format(token, accToken))
+ if accToken == token:
 self.checkBar(accToken.user)
 LOGGER.debug("Check if AccesToken {} has same group {}".format(accToken, group))
 if self.isSameGroup(accToken, group):
 accToken.updateTimestamp()
 LOGGER.info("Found AccessToken {} with token: {} and group: {}".format(accToken, token, group))
 return accToken
- else:
- LOGGER.debug("AccessToken {} is no longer valid and will removed".format(accToken))
- self.tokenList.remove(accToken)
+ else:
+ self.deleteAccessToken(accToken)
 LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(token, group))
 return False
 
+ def deleteAccessToken(self, accToken):
+ LOGGER.debug("AccessToken {} is no longer valid and will removed".format(accToken))
+ self.tokenList.remove(accToken)
+
 def createAccesToken(self, user, ldap_conn):
 """
 Create an AccessToken
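Review bot: The rewritten loop now calls `self.deleteAccessToken(accToken)` for every expired entry while `for accToken in self.tokenList:` is still iterating that list, and `deleteAccessToken` removes from the same list. Removing during iteration makes the iterator skip the element that follows each removed one, so a valid token placed right after an expired one can be missed and the request rejected, and an expired one can survive the pass. Iterating over a snapshot, `for accToken in list(self.tokenList):`, avoids that. Separately, the debug and info lines in this loop write the presented `token` to the log; logging a truncated or hashed form would keep usable access tokens out of log files. The method starts above the hunk.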
@@ -87,7 +90,7 @@ class AccesTokenController(metaclass=Singleton): now = datetime.ctime(datetime.now()) token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest() self.checkBar(user) - accToken = AccessToken(user, token, ldap_conn, datetime.now()) + accToken = AccessToken(user, token, ldap_conn, self.lifetime, datetime.now()) LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken)) self.tokenList.append(accToken) LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, token)) diff --git a/geruecht/model/accessToken.py b/geruecht/model/accessToken.py index f63db6c..577010c 100644 --- a/geruecht/model/accessToken.py +++ b/geruecht/model/accessToken.py @@ -17,7 +17,7 @@ class AccessToken(): token = None ldap_conn = None - def __init__(self, user, token, ldap_conn, timestamp=datetime.now()): + def __init__(self, user, token, ldap_conn, lifetime, timestamp=datetime.now()): """ Initialize Class AccessToken No more to say. @@ -30,6 +30,7 @@ class AccessToken(): LOGGER.debug("Initialize AccessToken") self.user = user self.timestamp = timestamp + self.lifetime = lifetime self.token = token self.ldap_conn = ldap_conn diff --git a/geruecht/routes.py b/geruecht/routes.py index 4fedfcd..05dced8 100644 --- a/geruecht/routes.py +++ b/geruecht/routes.py 
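Review bot: The context line `token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()` derives the session token from the current time at one-second resolution and the user's DN, both of which can be guessed, so the token is not unpredictable; the commit touches this function without changing that. A token drawn from the OS random source, `token = secrets.token_hex(32)` (with `import secrets` at the top of the file), would not depend on guessable inputs. The `LOGGER.info("Finished create AccessToken {} with Token {}" ...)` line at the end of the hunk also writes the full token at info level. createAccesToken starts and ends outside this hunk.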
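Review bot: The changed `__init__` signature keeps `timestamp=datetime.now()` as a default, which Python evaluates once when the module is imported, so any caller that omits `timestamp` gets the import time and, with the new per-token `lifetime`, a token that may count as expired immediately. Using `timestamp=None` in the signature and `self.timestamp = timestamp if timestamp is not None else datetime.now()` in the body (the assignment is in the following hunk, `@@ -30,6 +30,7 @@`) fixes that. `lifetime` is also inserted before `timestamp`, so a caller passing the timestamp as the fourth positional argument would now set it as the lifetime; the one call visible in this patch is updated, others would need checking. The docstring's parameter list is outside the hunk and presumably needs an entry for `lifetime`.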
@@ -77,6 +77,43 @@ def _getUsers(**kwargs): except Exception as err: return jsonify({"error": str(err)}), 500 +@app.route("/getLifeTime", methods=['GET']) +@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER]) +def _getLifeTime(**kwargs): + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + return jsonify({"value": accToken.lifetime}) + except Exception as err: + return jsonify({"error": str(err)}), 500 + +@app.route("/saveLifeTime", methods=['POST']) +@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER]) +def _saveLifeTime(**kwargs): + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + + data = request.get_json() + lifetime = data['value'] + accToken.lifetime = lifetime + accToken.updateTimestamp() + + return jsonify({"value": accToken.lifetime}) + except Exception as err: + return jsonify({"error": str(err)}), 500 + +@app.route("/logout", methods=['GET']) +@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER]) +def _logout(**kwargs): + try: + if 'accToken' in kwargs: + accToken = kwargs['accToken'] + accesTokenController.deleteAccessToken(accToken) + return jsonify({"ok": "ok"}) + except Exception as err: + return jsonify({"error": str(err)}), 500 + @app.route("/login", methods=['POST']) def _login(): """ Login User
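Review bot: `_saveLifeTime` stores `data['value']` in `accToken.lifetime` without checking its type or range, so any logged-in user in the listed groups can give their own token an arbitrarily long lifetime. The controller hunk in this patch computes `timedelta(seconds=accToken.lifetime)` for each token it walks past during verification, so a non-numeric or out-of-range value stored on one token would raise there for other users' requests as well, not only the caller's. The value should be validated as an integer and capped at a configured maximum, answering 400 on bad input, as sketched below. All three new handlers also fall through and return None when `accToken` is absent from `kwargs`, and `/logout` changes state on a GET; `methods=['POST']` would be the safer choice there.

```python
def _saveLifeTime(**kwargs):
    # … unchanged: try / accToken lookup …
            data = request.get_json(silent=True)
            lifetime = data.get('value') if isinstance(data, dict) else None
            # bool is a subclass of int, so reject it explicitly
            if isinstance(lifetime, bool) or not isinstance(lifetime, int):
                return jsonify({"error": "value must be an integer number of seconds"}), 400
            # MAX_LIFETIME: placeholder for an upper bound (seconds) the project has to define
            if not 0 < lifetime <= MAX_LIFETIME:
                return jsonify({"error": "value out of range"}), 400
            accToken.lifetime = lifetime
    # … unchanged: updateTimestamp, success response, except handler …
```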