from geruecht import app, LOGGER from geruecht.exceptions import PermissionDenied from geruecht.controller import accesTokenController, userController from geruecht.model import MONEY, BAR, USER, GASTRO from flask import request, jsonify def login(user, password): return user.login(password) @app.route("/valid") def _valid(): token = request.headers.get("Token") accToken = accesTokenController.validateAccessToken(token, [MONEY]) if accToken: return jsonify(accToken.user.toJSON()) accToken = accesTokenController.validateAccessToken(token, [BAR]) if accToken: return jsonify(accToken.user.toJSON()) accToken = accesTokenController.validateAccessToken(token, [GASTRO]) if accToken: return jsonify(accToken.user.toJSON()) accToken = accesTokenController.validateAccessToken(token, [USER]) if accToken: return jsonify(accToken.user.toJSON()) return jsonify({"error": "permission denied"}), 401 @app.route("/login", methods=['POST']) def _login(): """ Login User Nothing to say. Login in User and create an AccessToken for the User. Returns: A JSON-File with createt Token or Errors """ LOGGER.info("Start log in.") data = request.get_json() print(data) LOGGER.debug("JSON from request: {}".format(data)) username = data['username'] password = data['password'] LOGGER.info("search {} in database".format(username)) try: user = userController.loginUser(username, password) user.password = password token = accesTokenController.createAccesToken(user) dic = user.toJSON() dic["token"] = token dic["accessToken"] = token LOGGER.info("User {} success login.".format(username)) return jsonify(dic) except PermissionDenied as err: return jsonify({"error": str(err)}), 401 LOGGER.info("User {} does not exist.".format(username)) return jsonify({"error": "wrong username"}), 401