Flaschengeist/flaschengeist
Flaschengeist
/
flaschengeist
7
0
Fork 0
Code Issues 20 Pull Requests Packages Projects Releases 2 Wiki Activity

AccesTokenController ist ein Thread 

AccesTokenController schaut immer wieder nach, ob ein AccesToken noch valid ist.
Zeitabstand beträgt bis jetzt 10 SeKunden
ValidLifeTime beträgt bis jetzt 60 Sekunden
This commit is contained in:
Tim Gröger 2019-04-12 14:51:37 +02:00
parent 5c5799206f
commit 535b9cbc12
5 changed files with 45 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
geruecht/__init__.py
View File

@ -1,15 +1,18 @@
from flask import Flask from flask import Flask
from flask_sqlalchemy import SQLAlchemy from flask_sqlalchemy import SQLAlchemy
from flask_bcrypt import Bcrypt from flask_bcrypt import Bcrypt
from flask_cors import CORS
from .controller.accesTokenController import AccesTokenController from .controller.accesTokenController import AccesTokenController
# from flask_login import LoginManager # from flask_login import LoginManager
app = Flask(__name__) app = Flask(__name__)
CORS(app)
# app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29' # app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db' app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///site.db'
db = SQLAlchemy(app) db = SQLAlchemy(app)
bcrypt = Bcrypt(app) bcrypt = Bcrypt(app)
accesTokenController = AccesTokenController() accesTokenController = AccesTokenController()
accesTokenController.start()
# login_manager = LoginManager(app) # login_manager = LoginManager(app)
# login_manager.login_view = 'login' # login_manager.login_view = 'login'
# login_manager.login_message_category = 'info' # login_manager.login_message_category = 'info'

32
geruecht/controller/accesTokenController.py
View File

@ -1,25 +1,51 @@
from geruecht.model.accessToken import AccessToken from geruecht.model.accessToken import AccessToken
from datetime import datetime from datetime import datetime
import time
from threading import Thread
import hashlib import hashlib
class AccesTokenController(): class AccesTokenController(Thread):
tokenList = None tokenList = None
self.lifetime = 60
def __init__(self): def __init__(self):
print("init AccesTokenControlle")
print("init threading")
Thread.__init__(self)
self.tokenList = [] self.tokenList = []
def findAccesToken(self, token): def findAccesToken(self, token):
print("search for AccesToken", token)
for accToken in self.tokenList: for accToken in self.tokenList:
if accToken == token: if accToken == token:
print("find AccesToken", accToken, "with token", token)
return accToken return accToken
print("no AccesToken with", token)
return None return None
def createAccesToken(self, user): def createAccesToken(self, user):
time = datetime.ctime(datetime.now()) print("create AccesToken")
token = hashlib.md5((time + user.password).encode('utf-8')).hexdigest() now = datetime.ctime(datetime.now())
token = hashlib.md5((now + user.password).encode('utf-8')).hexdigest()
self.tokenList.append(AccessToken(user, token)) self.tokenList.append(AccessToken(user, token))
print(self.tokenList) print(self.tokenList)
print("finished create AccesToken", token)
return token return token
def isSameGroup(self, accToken, group): def isSameGroup(self, accToken, group):
print("controll if", accToken, "hase group", group)
return True if accToken.user.group == group else False return True if accToken.user.group == group else False
def run(self):
while True:
print("start allocate")
for accToken in self.tokenList:
print("controle", accToken)
if (datetime.now() - accToken.timestamp).seconds > self.lifetime:
print("delete", accToken)
self.tokenList.remove(accToken)
else:
print("time is only", (datetime.now() - accToken.timestamp).seconds)
print(self.tokenList)
print("wait")
time.sleep(10)

1
geruecht/model/user.py
View File

@ -12,6 +12,7 @@ class User(db.Model):
def toJSON(self): def toJSON(self):
dic = { dic = {
"userId": self.userID,
"username": self.username, "username": self.username,
"firstname": self.firstname, "firstname": self.firstname,
"lastname": self.lastname, "lastname": self.lastname,

12
geruecht/routes.py
View File

@ -7,6 +7,7 @@ from flask import request, jsonify
MONEY = "moneymaster" MONEY = "moneymaster"
GASTRO = "gastro" GASTRO = "gastro"
USER = "user" USER = "user"
BAR = "bar"
def verifyAccessToken(token, group): def verifyAccessToken(token, group):
accToken = accesTokenController.findAccesToken(token) accToken = accesTokenController.findAccesToken(token)
@ -31,6 +32,15 @@ def _getFinanzer():
return jsonify(dic) return jsonify(dic)
return jsonify({"error": "permission denied"}), 401 return jsonify({"error": "permission denied"}), 401
@app.route("/valid", methods=['POST'])
def _valid():
data = request.get_json()
token = data["token"]
accToken = verifyAccessToken(token, MONEY)
if accToken is not None:
return jsonify(accToken.user.toJSON())
return jsonify({"error": "permission denied"}), 401
@app.route("/login", methods=['POST']) @app.route("/login", methods=['POST'])
def _login(): def _login():
data = request.get_json() data = request.get_json()
@ -43,7 +53,7 @@ def _login():
token = accesTokenController.createAccesToken(user) token = accesTokenController.createAccesToken(user)
dic = user.toJSON() dic = user.toJSON()
dic["token"] = token dic["token"] = token
return jsonify({user.userID: dic}) return jsonify(dic)
else: else:
return jsonify({"error": "wrong password"}), 401 return jsonify({"error": "wrong password"}), 401
return jsonify({"error": "wrong username"}), 402 return jsonify({"error": "wrong username"}), 402

BIN
geruecht/site.db
View File

Binary file not shown.