added a lot of auth code

2019-03-21 16:17:25 +01:00
parent bef3c6dc9b
commit 0469b8dbb5
13 changed files with 220 additions and 23 deletions
--- a/api/auth_api.py
+++ b/api/auth_api.py
@@ -1,15 +1,39 @@
 #  Copyright (c) 2019. Tobias Kurze
-import datetime
+"""
+This module provides functions related to authentication through the API.
+For example: listing of available auth providers or registration of users.
+"""
+from datetime import datetime, timedelta
 import jwt
-from flask import request, jsonify, current_app
+from flask import request, jsonify, current_app, url_for
 from functools import wraps
 from random import randint

+from flask_login import logout_user, login_user
+
 from backend import db
 from backend.api import auth_api_bp
+from backend.auth import AUTH_PROVIDERS
 from backend.models.user_model import User


+def create_jwt(user: User, validity_min=30):
+    return jwt.encode({
+        'sub': user.email,
+        'iat': datetime.utcnow(),
+        'exp': datetime.utcnow() + timedelta(minutes=validity_min)},
+        current_app.config['SECRET_KEY'])
+
+
+@auth_api_bp.route('/providers', methods=('GET',))
+def get_auth_providers():
+    providers = list()
+    for p in AUTH_PROVIDERS:
+        provider = dict(p)
+        provider["url"] = url_for(p["url"])
+    return jsonify(providers)
+
+
@auth_api_bp.route('/register', methods=('POST',))
 def register():
    data = request.get_json()
@@ -21,15 +45,21 @@ def register():

@auth_api_bp.route('/login', methods=('GET', 'POST',))
 def login():
+    print("login")
+    print(request)
    data = request.get_json()
+    print(data)
    user = User.authenticate(**data)

    if not user:
-        return jsonify({ 'message': 'Invalid credentials', 'authenticated': False }), 401
+        return jsonify({'message': 'Invalid credentials', 'authenticated': False}), 401

-    token = jwt.encode({
-        'sub': user.email,
-        'iat':datetime.utcnow(),
-        'exp': datetime.utcnow() + datetime.timedelta(minutes=30)},
-        current_app.config['SECRET_KEY'])
+    token = create_jwt(user)
+    #login_user(user)
    return jsonify({'token': token.decode('UTF-8')})
+
+
+@auth_api_bp.route('/logout', methods=('GET', ))
+def logout():
+    pass
+    #logout_user()