AccesTokenController ist ein Thread

AccesTokenController schaut immer wieder nach, ob ein AccesToken noch valid ist.
Zeitabstand beträgt bis jetzt 10 SeKunden
ValidLifeTime beträgt bis jetzt 60 Sekunden
This commit is contained in:
Tim Gröger 2019-04-12 14:51:37 +02:00
parent 5c5799206f
commit 535b9cbc12
5 changed files with 45 additions and 5 deletions

View File

@ -1,15 +1,18 @@
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_bcrypt import Bcrypt
from flask_cors import CORS
from .controller.accesTokenController import AccesTokenController
# from flask_login import LoginManager
app = Flask(__name__)
CORS(app)
# app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db'
db = SQLAlchemy(app)
bcrypt = Bcrypt(app)
accesTokenController = AccesTokenController()
accesTokenController.start()
# login_manager = LoginManager(app)
# login_manager.login_view = 'login'
# login_manager.login_message_category = 'info'

View File

@ -1,25 +1,51 @@
from geruecht.model.accessToken import AccessToken
from datetime import datetime
import time
from threading import Thread
import hashlib
class AccesTokenController():
class AccesTokenController(Thread):
tokenList = None
self.lifetime = 60
def __init__(self):
print("init AccesTokenControlle")
print("init threading")
Thread.__init__(self)
self.tokenList = []
def findAccesToken(self, token):
print("search for AccesToken", token)
for accToken in self.tokenList:
if accToken == token:
print("find AccesToken", accToken, "with token", token)
return accToken
print("no AccesToken with", token)
return None
def createAccesToken(self, user):
time = datetime.ctime(datetime.now())
token = hashlib.md5((time + user.password).encode('utf-8')).hexdigest()
print("create AccesToken")
now = datetime.ctime(datetime.now())
token = hashlib.md5((now + user.password).encode('utf-8')).hexdigest()
self.tokenList.append(AccessToken(user, token))
print(self.tokenList)
print("finished create AccesToken", token)
return token
def isSameGroup(self, accToken, group):
print("controll if", accToken, "hase group", group)
return True if accToken.user.group == group else False
def run(self):
while True:
print("start allocate")
for accToken in self.tokenList:
print("controle", accToken)
if (datetime.now() - accToken.timestamp).seconds > self.lifetime:
print("delete", accToken)
self.tokenList.remove(accToken)
else:
print("time is only", (datetime.now() - accToken.timestamp).seconds)
print(self.tokenList)
print("wait")
time.sleep(10)

View File

@ -12,6 +12,7 @@ class User(db.Model):
def toJSON(self):
dic = {
"userId": self.userID,
"username": self.username,
"firstname": self.firstname,
"lastname": self.lastname,

View File

@ -7,6 +7,7 @@ from flask import request, jsonify
MONEY = "moneymaster"
GASTRO = "gastro"
USER = "user"
BAR = "bar"
def verifyAccessToken(token, group):
accToken = accesTokenController.findAccesToken(token)
@ -31,6 +32,15 @@ def _getFinanzer():
return jsonify(dic)
return jsonify({"error": "permission denied"}), 401
@app.route("/valid", methods=['POST'])
def _valid():
data = request.get_json()
token = data["token"]
accToken = verifyAccessToken(token, MONEY)
if accToken is not None:
return jsonify(accToken.user.toJSON())
return jsonify({"error": "permission denied"}), 401
@app.route("/login", methods=['POST'])
def _login():
data = request.get_json()
@ -43,11 +53,11 @@ def _login():
token = accesTokenController.createAccesToken(user)
dic = user.toJSON()
dic["token"] = token
return jsonify({user.userID: dic})
return jsonify(dic)
else:
return jsonify({"error": "wrong password"}), 401
return jsonify({"error": "wrong username"}), 402
@app.route("/getFinanzer")
def getFinanzer():

Binary file not shown.