flaschengeist/geruecht/routes.py


from geruecht import app, db, accesTokenController, MONEY, BAR, USER, GASTRO, LOGGER
from geruecht import ldapController as ldap
from geruecht.model.user import User
from flask import request, jsonify
def login(user, password):
    """Check *password* by delegating to ``user.login`` and return its result.

    The credential check itself lives on the user object; this function
    only forwards the call.
    """
    outcome = user.login(password)
    return outcome
@app.route("/valid")
def _valid():
    """Return the token owner's JSON if the "Token" header validates.

    The header value is passed to accesTokenController.validateAccessToken
    together with MONEY, BAR, GASTRO and USER, in that order. The first
    truthy result decides the response.

    Returns:
        The JSON form of the token's user on success, otherwise a
        "permission denied" error with status 401.
    """
    # headers.get yields None when the header is absent; that value is
    # handed to the validator unchanged.
    presented = request.headers.get("Token")
    for group in (MONEY, BAR, GASTRO, USER):
        granted = accesTokenController.validateAccessToken(presented, group)
        if granted:
            return jsonify(granted.user.toJSON())
    return jsonify({"error": "permission denied"}), 401
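@app.route("/login", methods=['POST'])
def _login():
    """Log a user in and create an access token for them.

    Reads "username" and "password" from the JSON request body. If the
    user is not in the database, the credentials are checked against LDAP
    and the user record is created from the LDAP data. The password is
    then checked through login().

    Returns:
        On success, the user's JSON with the new token under both "token"
        and "accessToken". Otherwise a JSON object with an "error" key
        and status 400 (malformed request), 401 (LDAP failure or wrong
        password) or 402 (unknown user).
    """
    LOGGER.info("Start log in.")
    data = request.get_json()
    if not isinstance(data, dict):
        return jsonify({"error": "username and password are required"}), 400
    # Log only the field names: the body carries the plaintext password,
    # which must not reach log files or stdout.
    LOGGER.debug("JSON keys from request: {}".format(sorted(data)))
    username = data.get('username')
    password = data.get('password')
    # Reject missing, non-string or empty credentials before any backend
    # sees them.
    # NOTE(review): confirm ldap.login rejects an empty password itself.
    # Servers that allow unauthenticated binds accept a simple bind with
    # an empty password.
    if not (isinstance(username, str) and isinstance(password, str)
            and username and password):
        return jsonify({"error": "username and password are required"}), 400

    LOGGER.info("search {} in database".format(username))
    user = db.getUser(username)
    if user is None:
        LOGGER.info(
            "User {} not found. Authenticate over LDAP and create User.".format(username))
        try:
            ldap.login(username, password)
            LOGGER.info("Authentification successfull. Search Group")
            groups = ldap.getGroup(username)
            LOGGER.info("Get userdata from LDAP")
            user_data = ldap.getUserData(username)
            user_data['group'] = groups
            LOGGER.info('Insert user {} into database'.format(username))
            db.insertUser(user_data)
        except Exception as err:
            LOGGER.info(
                "LDAP login or user creation failed for {}".format(username))
            # NOTE(review): str(err) returns backend error text to the
            # client. Kept so existing clients see the same body; consider
            # a generic message and logging the detail server-side only.
            return jsonify({"error": str(err)}), 401

    LOGGER.info("{} try to log in".format(username))
    # Fetch again so a user inserted just above is picked up.
    user = db.getUser(username)
    LOGGER.debug("User is {}".format(user))
    if not user:
        LOGGER.info("User {} does not exist.".format(username))
        # NOTE(review): the distinct "wrong username" and "wrong password"
        # replies let a client tell existing accounts from unknown ones,
        # and 402 means "Payment Required". Both are kept because clients
        # may depend on them.
        return jsonify({"error": "wrong username"}), 402

    LOGGER.debug("Check login for User {}".format(user))
    if not login(user, password):
        LOGGER.info("User {} failed login.".format(username))
        return jsonify({"error": "wrong password"}), 401

    token = accesTokenController.createAccesToken(user)
    dic = user.toJSON()
    dic["token"] = token
    dic["accessToken"] = token
    LOGGER.info("User {} success login.".format(username))
    return jsonify(dic)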