From 3f9fdc773c4a22cfbf58c37ae59a1d764cf8980f Mon Sep 17 00:00:00 2001 From: Ferdinand Thiessen Date: Thu, 15 Oct 2020 02:19:51 +0200 Subject: [PATCH] Fixed typos and timezone --- flaschengeist/modules/auth/__init__.py | 11 ++++++----- .../system/controller/accessTokenController.py | 2 +- flaschengeist/system/models/accessToken.py | 4 ++-- flaschengeist/system/models/user.py | 8 +++++--- 4 files changed, 14 insertions(+), 11 deletions(-) diff --git a/flaschengeist/modules/auth/__init__.py b/flaschengeist/modules/auth/__init__.py index 3fb8447..1943e58 100644 --- a/flaschengeist/modules/auth/__init__.py +++ b/flaschengeist/modules/auth/__init__.py @@ -36,26 +36,27 @@ def _create_token(): """ Login User Login in User and create an AccessToken for the User. + Requires POST data {'userid': string, 'password': string} Returns: A JSON-File with user information and created token or errors """ logger.debug("Start log in.") data = request.get_json() - username = data['username'] + userid = data['userid'] password = data['password'] - logger.debug("search user {{ {} }} in database".format(username)) - user = userController.login_user(username, password) + logger.debug("search user {{ {} }} in database".format(userid)) + user = userController.login_user(userid, password) if not user: raise Unauthorized logger.debug("user is {{ {} }}".format(user)) token = access_controller.create(user, user_agent=request.user_agent) logger.debug("access token is {{ {} }}".format(token)) - logger.info("User {{ {} }} success login.".format(username)) + logger.info("User {{ {} }} success login.".format(userid)) # Lets cleanup the DB access_controller.clear_expired() - return jsonify({"user": user, "token": token.token}) + return jsonify({"user": user, "token": token, "permissions": user.get_permissions()}) @auth_bp.route("/auth", methods=['GET']) 
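Review bot: `userid = data['userid']` and `password = data['password']` index the parsed body without checking it, so on this unauthenticated route a missing key, a non-object JSON body, or (depending on the Flask version) a `None` result from `get_json()` ends in an unhandled KeyError/TypeError instead of a 400. Because the key was renamed from `username`, clients that have not been updated will hit exactly this path. A guard before the lookups, such as `if not isinstance(data, dict) or not {'userid', 'password'} <= data.keys(): raise BadRequest`, would keep it a client error; `BadRequest` comes from `werkzeug.exceptions` and may need importing, since the import block is outside the hunk. Separately, the unchanged line `logger.debug("access token is {{ {} }}".format(token))` writes the token object to the log; what it prints depends on AccessToken's string form, which is not visible here, so confirm it does not include the secret. The decorator and signature of `_create_token` sit above the hunk.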
diff --git a/flaschengeist/system/controller/accessTokenController.py b/flaschengeist/system/controller/accessTokenController.py index c4c2cfd..b82a2a3 100644 --- a/flaschengeist/system/controller/accessTokenController.py +++ b/flaschengeist/system/controller/accessTokenController.py @@ -3,7 +3,7 @@ from ..models.accessToken import AccessToken from flaschengeist.system.database import db from flaschengeist import logger from werkzeug.exceptions import Forbidden -from datetime import datetime, timedelta +from datetime import datetime, timezone from . import Singleton diff --git a/flaschengeist/system/models/accessToken.py b/flaschengeist/system/models/accessToken.py index f19b2b0..62149f8 100644 --- a/flaschengeist/system/models/accessToken.py +++ b/flaschengeist/system/models/accessToken.py @@ -1,4 +1,4 @@ -from datetime import datetime, timedelta +from datetime import datetime, timedelta, timezone from ..database import db from secrets import compare_digest from flaschengeist import logger @@ -39,7 +39,7 @@ class AccessToken(db.Model): """ return { "token": self.token, - "expires": self.expires, + "expires": self.expires.replace(tzinfo=timezone.utc), "lifetime": self.lifetime, "browser": self.browser, "platform": self.platform diff --git a/flaschengeist/system/models/user.py b/flaschengeist/system/models/user.py index 351f6f3..989baf1 100644 --- a/flaschengeist/system/models/user.py +++ b/flaschengeist/system/models/user.py @@ -61,6 +61,9 @@ class User(db.Model): if 'display_name' in data: self.display_name = data['display_name'] + def get_permissions(self): + return [permission.name for role in self.roles for permission in role.permissions] + def has_permissions(self, permissions): for role in self.roles: for permission in role.permissions: 
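Review bot: In `AccessToken.serialize`, `self.expires.replace(tzinfo=timezone.utc)` only labels the stored value as UTC and does not convert it, so the serialized expiry is correct only if `expires` is always written as naive UTC. The code that sets `expires` is not in this hunk; if it uses local time, clients will see a token expiry shifted by the server's UTC offset. The call would also raise AttributeError if `expires` can be None. I would state the assumption next to the line, e.g. `# expires is stored as naive UTC; tzinfo is attached here, not converted`, or store timezone-aware values so no relabelling is needed. The enclosing method starts above the hunk.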
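Review bot: `get_permissions` has no docstring and returns one entry per role/permission pair, so a permission granted through two roles appears twice in the list that the login response now exposes as `permissions`. If callers only need membership, `return sorted({p.name for role in self.roles for p in role.permissions})` gives a stable, duplicate-free list. A one-line docstring such as `"""Return the names of all permissions granted through the user's roles."""` would cover the documentation gap. Since this list is sent to the client, it should be treated as display data only, with enforcement staying on the server in `has_permissions`, whose body continues past the end of the hunk.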
@@ -70,13 +73,12 @@ class User(db.Model): def serialize(self): return { - # TODO: username should be UID? - "username": self.uid, + "userid": self.uid, "display_name": self.display_name, "firstname": self.firstname, "lastname": self.lastname, "mail": self.mail, - "roles": ["user"] + [r.name for r in self.roles] + "roles": [r.name for r in self.roles] }
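Review bot: Dropping `["user"] +` from `"roles"` means an account with no roles now serializes as `"roles": []`, and together with the `username` to `userid` key rename this changes the response contract for every consumer of `serialize`. Nothing in the hunk shows whether any caller still reads `username` or tests for the `user` entry, so that needs checking outside this diff. Anything that treated the implicit `user` role as a "logged in" marker will now see every account as lacking it. A short docstring on `serialize` listing the returned keys (`userid`, `display_name`, `firstname`, `lastname`, `mail`, `roles`) would make the contract explicit.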