added decoratos for connected in database and login_requird in routes
This commit is contained in:
parent
29f20b2327
commit
f782be934d
|
|
@ -15,7 +15,7 @@ from flask_cors import CORS
|
|||
LOGGER.info("Build APP")
|
||||
app = Flask(__name__)
|
||||
CORS(app)
|
||||
# app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
|
||||
app.config['SECRET_KEY'] = '0a657b97ef546da90b2db91862ad4e29'
|
||||
|
||||
from geruecht import routes
|
||||
from geruecht.baruser.routes import baruser
|
||||
|
|
|
|||
|
|
@ -1,19 +1,20 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
import geruecht.controller as gc
|
||||
import geruecht.controller.ldapController as lc
|
||||
import geruecht.controller.accesTokenController as ac
|
||||
import geruecht.controller.userController as uc
|
||||
from datetime import datetime
|
||||
from geruecht.model import BAR, MONEY
|
||||
from geruecht.decorator import login_required
|
||||
|
||||
baruser = Blueprint("baruser", __name__)
|
||||
|
||||
ldap= lc.LDAPController(gc.ldapConfig['URL'], gc.ldapConfig['dn'])
|
||||
accesTokenController = ac.AccesTokenController()
|
||||
userController = uc.UserController()
|
||||
|
||||
|
||||
@baruser.route("/bar")
|
||||
def _bar():
|
||||
@login_required(groups=[BAR])
|
||||
def _bar(**kwargs):
|
||||
""" Main function for Baruser
|
||||
|
||||
Returns JSON-file with all Users, who hast amounts in this month.
|
||||
|
|
@ -22,13 +23,7 @@ def _bar():
|
|||
JSON-File with Users, who has amounts in this month
|
||||
or ERROR 401 Permission Denied
|
||||
"""
|
||||
print(request.headers)
|
||||
token = request.headers.get("Token")
|
||||
print(token)
|
||||
accToken = accesTokenController.validateAccessToken(token, [BAR])
|
||||
|
||||
dic = {}
|
||||
if accToken:
|
||||
users = userController.getAllUsersfromDB()
|
||||
for user in users:
|
||||
geruecht = None
|
||||
|
|
@ -50,10 +45,11 @@ def _bar():
|
|||
"type": type
|
||||
}
|
||||
return jsonify(dic)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
|
||||
@baruser.route("/baradd", methods=['POST'])
|
||||
def _baradd():
|
||||
@login_required(groups=[BAR])
|
||||
def _baradd(**kwargs):
|
||||
""" Function for Baruser to add amount
|
||||
|
||||
This function added to the user with the posted userID the posted amount.
|
||||
|
|
@ -62,11 +58,6 @@ def _baradd():
|
|||
JSON-File with userID and the amount
|
||||
or ERROR 401 Permission Denied
|
||||
"""
|
||||
token = request.headers.get("Token")
|
||||
print(token)
|
||||
accToken = accesTokenController.validateAccessToken(token, [BAR])
|
||||
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
userID = data['userId']
|
||||
amount = int(data['amount'])
|
||||
|
|
@ -87,10 +78,11 @@ def _baradd():
|
|||
dic['type'] = type
|
||||
|
||||
return jsonify(dic)
|
||||
return jsonify({"error", "permission denied"}), 401
|
||||
|
||||
|
||||
@baruser.route("/barGetUsers")
|
||||
def _getUsers():
|
||||
@login_required(groups=[BAR, MONEY])
|
||||
def _getUsers(**kwargs):
|
||||
""" Get Users without amount
|
||||
|
||||
This Function returns all Users, who hasn't an amount in this month.
|
||||
|
|
@ -99,21 +91,14 @@ def _getUsers():
|
|||
JSON-File with Users
|
||||
or ERROR 401 Permission Denied
|
||||
"""
|
||||
token = request.headers.get("Token")
|
||||
print(token)
|
||||
accToken = accesTokenController.validateAccessToken(token, [BAR])
|
||||
|
||||
retVal = {}
|
||||
if accToken:
|
||||
retVal = ldap.getAllUser()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
|
||||
@baruser.route("/barGetUser", methods=['POST'])
|
||||
def _getUser():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [BAR])
|
||||
if accToken:
|
||||
@login_required(groups=[BAR])
|
||||
def _getUser(**kwargs):
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
user = userController.getUser(username)
|
||||
|
|
@ -127,20 +112,12 @@ def _getUser():
|
|||
retVal['amount'] = amount
|
||||
retVal['type'] = type
|
||||
return jsonify(retVal)
|
||||
return jsonify("error", "permission denied"), 401
|
||||
|
||||
|
||||
@baruser.route("/search", methods=['POST'])
|
||||
def _search():
|
||||
token = request.headers.get("Token")
|
||||
print(token)
|
||||
accToken = accesTokenController.validateAccessToken(token, [BAR, MONEY])
|
||||
|
||||
if accToken:
|
||||
@login_required(groups=[BAR, MONEY])
|
||||
def _search(**kwargs):
|
||||
data = request.get_json()
|
||||
|
||||
searchString = data['searchString']
|
||||
|
||||
retVal = ldap.searchUser(searchString)
|
||||
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
|
|
|||
|
|
@ -4,6 +4,14 @@ from geruecht.model.user import User
|
|||
from geruecht.model.creditList import CreditList
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
def connected(func):
|
||||
def wrapper(*args, **kwargs):
|
||||
self = args[0]
|
||||
if not self.db.open:
|
||||
self.connect()
|
||||
return func(*args,**kwargs)
|
||||
return wrapper
|
||||
|
||||
class DatabaseController(metaclass=Singleton):
|
||||
'''
|
||||
DatabaesController
|
||||
|
|
@ -24,16 +32,12 @@ class DatabaseController(metaclass=Singleton):
|
|||
self.db = pymysql.connect(self.url, self.user, self.password, self.database, cursorclass=pymysql.cursors.DictCursor)
|
||||
except Exception as err:
|
||||
raise err
|
||||
|
||||
@connected
|
||||
def getAllUser(self):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("select * from user")
|
||||
data = cursor.fetchall()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
|
||||
if data:
|
||||
retVal = []
|
||||
|
|
@ -43,34 +47,26 @@ class DatabaseController(metaclass=Singleton):
|
|||
user.initGeruechte(creditLists)
|
||||
retVal.append(user)
|
||||
return retVal
|
||||
|
||||
@connected
|
||||
def getUser(self, username):
|
||||
self.connect()
|
||||
retVal = None
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("select * from user where uid='{}'".format(username))
|
||||
data = cursor.fetchone()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
if data:
|
||||
retVal = User(data)
|
||||
creditLists = self.getCreditListFromUser(retVal)
|
||||
retVal.initGeruechte(creditLists)
|
||||
|
||||
return retVal
|
||||
|
||||
@connected
|
||||
def getUserById(self, id):
|
||||
self.connect()
|
||||
retVal = None
|
||||
try:
|
||||
cursor = self.db.cursor()
|
||||
cursor.execute("select * from user where id={}".format(id))
|
||||
data = cursor.fetchone()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
if data:
|
||||
retVal = User(data)
|
||||
creditLists = self.getCreditListFromUser(retVal)
|
||||
|
|
@ -85,8 +81,8 @@ class DatabaseController(metaclass=Singleton):
|
|||
retVal += group
|
||||
return retVal
|
||||
|
||||
@connected
|
||||
def insertUser(self, user):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
groups = self._convertGroupToString(user.group)
|
||||
try:
|
||||
|
|
@ -99,8 +95,8 @@ class DatabaseController(metaclass=Singleton):
|
|||
raise err
|
||||
self.db.close()
|
||||
|
||||
@connected
|
||||
def updateUser(self, user):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
groups = self._convertGroupToString(user.group)
|
||||
try:
|
||||
|
|
@ -117,10 +113,9 @@ class DatabaseController(metaclass=Singleton):
|
|||
|
||||
self.db.close()
|
||||
|
||||
@connected
|
||||
def getCreditListFromUser(self, user, **kwargs):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
if 'year' in kwargs:
|
||||
sql = "select * from creditList where user_id={} and year_date={}".format(user.id, kwargs['year'])
|
||||
else:
|
||||
|
|
@ -128,27 +123,25 @@ class DatabaseController(metaclass=Singleton):
|
|||
cursor.execute(sql)
|
||||
data = cursor.fetchall()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
self.db.close()
|
||||
raise err
|
||||
if len(data) == 1:
|
||||
return [CreditList(data[0])]
|
||||
else:
|
||||
return [CreditList(value) for value in data]
|
||||
|
||||
@connected
|
||||
def createCreditList(self, user_id, year=datetime.now().year):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("insert into creditList (year_date, user_id) values ({},{})".format(year, user_id))
|
||||
self.db.commit()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
self.db.rollback()
|
||||
self.db.close()
|
||||
raise err
|
||||
|
||||
@connected
|
||||
def updateCreditList(self, creditlist):
|
||||
self.connect()
|
||||
cursor = self.db.cursor()
|
||||
try:
|
||||
cursor.execute("select * from creditList where user_id={} and year_date={}".format(creditlist.user_id, creditlist.year))
|
||||
|
|
@ -179,32 +172,24 @@ class DatabaseController(metaclass=Singleton):
|
|||
self.db.rollback()
|
||||
self.db.close()
|
||||
raise err
|
||||
|
||||
@connected
|
||||
def getWorker(self, user, date):
|
||||
self.connect()
|
||||
try:
|
||||
cursor = self.db.cursor()
|
||||
cursor.execute("select * from bardienste where user_id={} and startdatetime='{}'".format(user.id, date))
|
||||
data = cursor.fetchone()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
return {"user": user, "startdatetime": data['startdatetime'], "enddatetime": data['enddatetime']} if data else None
|
||||
|
||||
@connected
|
||||
def getWorkers(self, date):
|
||||
self.connect()
|
||||
try:
|
||||
cursor = self.db.cursor()
|
||||
cursor.execute("select * from bardienste where startdatetime='{}'".format(date))
|
||||
data = cursor.fetchall()
|
||||
self.db.close()
|
||||
except Exception as err:
|
||||
raise err
|
||||
|
||||
return [{"user": self.getUserById(work['user_id']).toJSON(), "startdatetime": work['startdatetime'], "enddatetime": work['enddatetime']} for work in data]
|
||||
|
||||
@connected
|
||||
def setWorker(self, user, date):
|
||||
self.connect()
|
||||
try:
|
||||
cursor = self.db.cursor()
|
||||
cursor.execute("insert into bardienste (user_id, startdatetime, enddatetime) values ({},'{}','{}')".format(user.id, date, date + timedelta(days=1)))
|
||||
|
|
@ -215,8 +200,8 @@ class DatabaseController(metaclass=Singleton):
|
|||
self.db.close()
|
||||
raise err
|
||||
|
||||
@connected
|
||||
def deleteWorker(self, user, date):
|
||||
self.connect()
|
||||
try:
|
||||
cursor = self.db.cursor()
|
||||
cursor.execute("delete from bardienste where user_id={} and startdatetime='{}'".format(user.id, date))
|
||||
|
|
|
|||
|
|
@ -0,0 +1,21 @@
|
|||
from functools import wraps
|
||||
def login_required(**kwargs):
|
||||
import geruecht.controller.accesTokenController as ac
|
||||
from geruecht.model import BAR, USER, MONEY, GASTRO
|
||||
from flask import request, jsonify
|
||||
accessController = ac.AccesTokenController()
|
||||
groups = [USER, BAR, GASTRO, MONEY]
|
||||
if "groups" in kwargs:
|
||||
groups = kwargs["groups"]
|
||||
def real_decorator(func):
|
||||
@wraps(func)
|
||||
def wrapper(*args, **kwargs):
|
||||
token = request.headers.get('Token')
|
||||
accToken = accessController.validateAccessToken(token, groups)
|
||||
kwargs['accToken'] = accToken
|
||||
if accToken:
|
||||
return func(*args, **kwargs)
|
||||
else:
|
||||
return jsonify({"error": "error", "message": "permission denied"}), 401
|
||||
return wrapper
|
||||
return real_decorator
|
||||
|
|
@ -2,16 +2,17 @@ from flask import Blueprint, request, jsonify
|
|||
from geruecht.finanzer import LOGGER
|
||||
from datetime import datetime
|
||||
import geruecht.controller.userController as uc
|
||||
import geruecht.controller.accesTokenController as ac
|
||||
from geruecht.model import MONEY
|
||||
from geruecht.decorator import login_required
|
||||
|
||||
finanzer = Blueprint("finanzer", __name__)
|
||||
|
||||
accesTokenController = ac.AccesTokenController()
|
||||
userController = uc.UserController()
|
||||
|
||||
|
||||
@finanzer.route("/getFinanzerMain")
|
||||
def _getFinanzer():
|
||||
@login_required(groups=[MONEY])
|
||||
def _getFinanzer(**kwargs):
|
||||
""" Function for /getFinanzerMain
|
||||
|
||||
Retrieves all User for the groupe 'moneymaster'
|
||||
|
|
@ -20,11 +21,6 @@ def _getFinanzer():
|
|||
A JSON-File with Users
|
||||
or ERROR 401 Permission Denied.
|
||||
"""
|
||||
LOGGER.info("Get main for Finanzer")
|
||||
token = request.headers.get("Token")
|
||||
LOGGER.debug("Verify AccessToken with Token {}".format(token))
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
if accToken:
|
||||
LOGGER.debug("Get all Useres")
|
||||
users = userController.getAllUsersfromDB()
|
||||
dic = {}
|
||||
|
|
@ -35,11 +31,10 @@ def _getFinanzer():
|
|||
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||
LOGGER.info("Send main for Finanzer")
|
||||
return jsonify(dic)
|
||||
LOGGER.info("Permission Denied")
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerAddAmount", methods=['POST'])
|
||||
def _addAmount():
|
||||
@login_required(groups=[MONEY])
|
||||
def _addAmount(**kwargs):
|
||||
""" Add Amount to User
|
||||
|
||||
This Function add an amount to the user with posted userID.
|
||||
|
|
@ -50,12 +45,6 @@ def _addAmount():
|
|||
JSON-File with geruecht of year
|
||||
or ERROR 401 Permission Denied
|
||||
"""
|
||||
LOGGER.info("Add Amount")
|
||||
token = request.headers.get("Token")
|
||||
LOGGER.debug("Verify AccessToken with Token {}".format(token))
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
LOGGER.debug("Get data {}".format(data))
|
||||
userID = data['userId']
|
||||
|
|
@ -78,11 +67,10 @@ def _addAmount():
|
|||
retVal['locked'] = user.locked
|
||||
LOGGER.info("Send updated Geruecht")
|
||||
return jsonify(retVal)
|
||||
LOGGER.info("Permission Denied")
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerAddCredit", methods=['POST'])
|
||||
def _addCredit():
|
||||
@login_required(groups=[MONEY])
|
||||
def _addCredit(**kwargs):
|
||||
""" Add Credit to User
|
||||
|
||||
This Function add an credit to the user with posted userID.
|
||||
|
|
@ -93,13 +81,6 @@ def _addCredit():
|
|||
JSON-File with geruecht of year
|
||||
or ERROR 401 Permission Denied
|
||||
"""
|
||||
LOGGER.info("Add Amount")
|
||||
token = request.headers.get("Token")
|
||||
LOGGER.debug("Verify AccessToken with Token {}".format(token))
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
|
||||
data = request.get_json()
|
||||
print(data)
|
||||
LOGGER.debug("Get data {}".format(data))
|
||||
|
|
@ -125,42 +106,31 @@ def _addCredit():
|
|||
retVal['locked'] = user.locked
|
||||
LOGGER.info("Send updated Geruecht")
|
||||
return jsonify(retVal)
|
||||
LOGGER.info("Permission Denied")
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
|
||||
@finanzer.route("/finanzerLock", methods=['POST'])
|
||||
def _finanzerLock():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
@login_required(groups=[MONEY])
|
||||
def _finanzerLock(**kwargs):
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
locked = bool(data['locked'])
|
||||
retVal = userController.lockUser(username, locked).toJSON()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
|
||||
@finanzer.route("/finanzerSetConfig", methods=['POST'])
|
||||
def _finanzerSetConfig():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
@login_required(groups=[MONEY])
|
||||
def _finanzerSetConfig(**kwargs):
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
autoLock = bool(data['autoLock'])
|
||||
limit = int(data['limit'])
|
||||
retVal = userController.updateConfig(username, {'lockLimit': limit, 'autoLock': autoLock}).toJSON()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerAddUser", methods=['POST'])
|
||||
def _finanzerAddUser():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
@login_required(groups=[MONEY])
|
||||
def _finanzerAddUser(**kwargs):
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
userController.getUser(username)
|
||||
|
|
@ -173,26 +143,17 @@ def _finanzerAddUser():
|
|||
dic[user.uid]['creditList'] = {credit.year: credit.toJSON() for credit in user.geruechte}
|
||||
LOGGER.debug("ReturnValue is {}".format(dic))
|
||||
return jsonify(dic), 200
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerSendOneMail", methods=['POST'])
|
||||
def _finanzerSendOneMail():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
@login_required(groups=[MONEY])
|
||||
def _finanzerSendOneMail(**kwargs):
|
||||
data = request.get_json()
|
||||
username = data['userId']
|
||||
retVal = userController.sendMail(username)
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error:", "permission denied"}), 401
|
||||
|
||||
@finanzer.route("/finanzerSendAllMail", methods=['GET'])
|
||||
def _finanzerSendAllMail():
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY])
|
||||
|
||||
if accToken:
|
||||
@login_required(groups=[MONEY])
|
||||
def _finanzerSendAllMail(**kwargs):
|
||||
retVal = userController.sendAllMail()
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
|
|
@ -1,33 +1,30 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
import geruecht.controller as gc
|
||||
from geruecht.decorator import login_required
|
||||
import geruecht.controller.userController as uc
|
||||
import geruecht.controller.accesTokenController as ac
|
||||
from geruecht.model import USER
|
||||
from datetime import datetime
|
||||
|
||||
user = Blueprint("user", __name__)
|
||||
|
||||
accesTokenController = ac.AccesTokenController()
|
||||
userController = uc.UserController()
|
||||
|
||||
@user.route("/user/main")
|
||||
def _main():
|
||||
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [USER])
|
||||
if accToken:
|
||||
@user.route("/user/main")
|
||||
@login_required(groups=[USER])
|
||||
def _main(**kwargs):
|
||||
if 'accToken' in kwargs:
|
||||
accToken = kwargs['accToken']
|
||||
accToken.user = userController.getUser(accToken.user.uid)
|
||||
retVal = accToken.user.toJSON()
|
||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
return jsonify("error", "something went wrong"), 500
|
||||
|
||||
@user.route("/user/addAmount", methods=['POST'])
|
||||
def _addAmount():
|
||||
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [USER])
|
||||
if accToken:
|
||||
@login_required(groups=[USER])
|
||||
def _addAmount(**kwargs):
|
||||
if 'accToken' in kwargs:
|
||||
accToken = kwargs['accToken']
|
||||
data = request.get_json()
|
||||
amount = int(data['amount'])
|
||||
date = datetime.now()
|
||||
|
|
@ -36,4 +33,4 @@ def _addAmount():
|
|||
retVal = accToken.user.toJSON()
|
||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||
return jsonify(retVal)
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
return jsonify({"error": "something went wrong"}), 500
|
||||
|
|
@ -1,19 +1,21 @@
|
|||
from flask import Blueprint, request, jsonify
|
||||
from datetime import datetime
|
||||
from geruecht.controller import accesTokenController, userController
|
||||
import geruecht.controller.userController as uc
|
||||
from geruecht.decorator import login_required
|
||||
from geruecht.model import MONEY, GASTRO
|
||||
|
||||
vorstand = Blueprint("vorstand", __name__)
|
||||
userController = uc.UserController()
|
||||
|
||||
|
||||
@vorstand.route("/sm/addUser", methods=['POST', 'GET'])
|
||||
|
||||
@login_required(groups=[MONEY, GASTRO])
|
||||
def _addUser():
|
||||
|
||||
if request.method == 'GET':
|
||||
return "<h1>HEllo World</h1>"
|
||||
|
||||
token = request.headers.get("Token")
|
||||
accToken = accesTokenController.validateAccessToken(token, [MONEY, GASTRO])
|
||||
if accToken:
|
||||
data = request.get_json()
|
||||
user = data['user']
|
||||
date = datetime.utcfromtimestamp(int(data['date']))
|
||||
|
|
@ -21,4 +23,3 @@ def _addUser():
|
|||
|
||||
print(data)
|
||||
return jsonify({"date": date})
|
||||
return jsonify({"error": "permission denied"}), 401
|
||||
Loading…
Reference in New Issue