flaschengeist/geruecht/routes.py

57 lines
1.9 KiB
Python

from geruecht import app, LOGGER
from geruecht.exceptions import PermissionDenied
from geruecht.controller import accesTokenController, userController
from geruecht.model import MONEY, BAR, USER, GASTRO
from flask import request, jsonify
def login(user, password):
return user.login(password)
@app.route("/valid")
def _valid():
token = request.headers.get("Token")
accToken = accesTokenController.validateAccessToken(token, MONEY)
if accToken:
return jsonify(accToken.user.toJSON())
accToken = accesTokenController.validateAccessToken(token, BAR)
if accToken:
return jsonify(accToken.user.toJSON())
accToken = accesTokenController.validateAccessToken(token, GASTRO)
if accToken:
return jsonify(accToken.user.toJSON())
accToken = accesTokenController.validateAccessToken(token, USER)
if accToken:
return jsonify(accToken.user.toJSON())
return jsonify({"error": "permission denied"}), 401
@app.route("/login", methods=['POST'])
def _login():
""" Login User
Nothing to say.
Login in User and create an AccessToken for the User.
Returns:
A JSON-File with createt Token or Errors
"""
LOGGER.info("Start log in.")
data = request.get_json()
print(data)
LOGGER.debug("JSON from request: {}".format(data))
username = data['username']
password = data['password']
LOGGER.info("search {} in database".format(username))
try:
user = userController.loginUser(username, password)
token = accesTokenController.createAccesToken(user)
dic = user.toJSON()
dic["token"] = token
dic["accessToken"] = token
LOGGER.info("User {} success login.".format(username))
return jsonify(dic)
except PermissionDenied as err:
return jsonify({"error": str(err)}), 401
LOGGER.info("User {} does not exist.".format(username))
return jsonify({"error": "wrong username"}), 401