AccesTokenController ist ein Thread

AccesTokenController schaut immer wieder nach, ob ein AccesToken noch valid ist. Zeitabstand beträgt bis jetzt 10 SeKunden ValidLifeTime beträgt bis jetzt 60 Sekunden
2019-04-12 14:51:37 +02:00 · 2019-04-12 14:51:37 +02:00 · 535b9cbc12
parent 5c5799206f
commit 535b9cbc12
5 changed files with 45 additions and 5 deletions
--- a/geruecht/init.py
+++ b/geruecht/init.py
@ -1,15 +1,18 @@
 from flask import Flask
 from flask_sqlalchemy import SQLAlchemy
 from flask_bcrypt import Bcrypt
+from flask_cors import CORS
 from .controller.accesTokenController import AccesTokenController
 # from flask_login import LoginManager

 app = Flask(__name__)
+CORS(app)
 # app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
 app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db'
 db = SQLAlchemy(app)
 bcrypt = Bcrypt(app)
 accesTokenController = AccesTokenController()
+accesTokenController.start()
 # login_manager = LoginManager(app)
 # login_manager.login_view = 'login'
 # login_manager.login_message_category = 'info'
--- a/geruecht/controller/accesTokenController.py
+++ b/geruecht/controller/accesTokenController.py
@ -1,25 +1,51 @@
 from geruecht.model.accessToken import AccessToken
 from datetime import datetime
+import time
+from threading import Thread
 import hashlib

-class AccesTokenController():
+class AccesTokenController(Thread):
    tokenList = None
+    self.lifetime = 60

    def __init__(self):
+        print("init AccesTokenControlle")
+        print("init threading")
+        Thread.__init__(self)
        self.tokenList = []

    def findAccesToken(self, token):
+        print("search for AccesToken", token)
        for accToken in self.tokenList:
            if accToken == token:
+                print("find AccesToken", accToken, "with token", token)
                return accToken
+        print("no AccesToken with", token)
        return None

    def createAccesToken(self, user):
-        time = datetime.ctime(datetime.now())
-        token = hashlib.md5((time + user.password).encode('utf-8')).hexdigest()
+        print("create AccesToken")
+        now = datetime.ctime(datetime.now())
+        token = hashlib.md5((now + user.password).encode('utf-8')).hexdigest()
        self.tokenList.append(AccessToken(user, token))
        print(self.tokenList)
+        print("finished create AccesToken", token)
        return token

    def isSameGroup(self, accToken, group):
+        print("controll if", accToken, "hase group", group)
        return True if accToken.user.group == group else False
+
+    def run(self):
+        while True:
+            print("start allocate")
+            for accToken in self.tokenList:
+                print("controle", accToken)
+                if (datetime.now() - accToken.timestamp).seconds > self.lifetime:
+                    print("delete", accToken)
+                    self.tokenList.remove(accToken)
+                else:
+                    print("time is only", (datetime.now() - accToken.timestamp).seconds)
+            print(self.tokenList)
+            print("wait")
+            time.sleep(10)
--- a/geruecht/model/user.py
+++ b/geruecht/model/user.py
@ -12,6 +12,7 @@ class User(db.Model):

    def toJSON(self):
        dic = {
+            "userId": self.userID,
            "username": self.username,
            "firstname": self.firstname,
            "lastname": self.lastname,
--- a/geruecht/routes.py
+++ b/geruecht/routes.py
@ -7,6 +7,7 @@ from flask import request, jsonify
 MONEY = "moneymaster"
 GASTRO = "gastro"
 USER = "user"
+BAR = "bar"

 def verifyAccessToken(token, group):
    accToken = accesTokenController.findAccesToken(token)
@ -31,6 +32,15 @@ def _getFinanzer():
        return jsonify(dic)
    return jsonify({"error": "permission denied"}), 401

+@app.route("/valid", methods=['POST'])
+def _valid():
+    data = request.get_json()
+    token = data["token"]
+    accToken = verifyAccessToken(token, MONEY)
+    if accToken is not None:
+        return jsonify(accToken.user.toJSON())
+    return jsonify({"error": "permission denied"}), 401
+
@app.route("/login", methods=['POST'])
 def _login():
    data = request.get_json()
@ -43,11 +53,11 @@ def _login():
            token = accesTokenController.createAccesToken(user)
            dic = user.toJSON()
            dic["token"] = token
-            return jsonify({user.userID: dic})
+            return jsonify(dic)
        else:
            return jsonify({"error": "wrong password"}), 401
    return jsonify({"error": "wrong username"}), 402       
-    
+

@app.route("/getFinanzer")
 def getFinanzer():
--- a/geruecht/site.db
+++ b/geruecht/site.db