# Copyright (c) 2019. Tobias Kurze """ This module provides functions related to authentication through the API. For example: listing of available auth providers or registration of users. Login through API does not start a new session, but instead returns JWT. """ import flask import jwt from flask import request, jsonify, current_app, url_for from flask_jwt_extended import get_jwt_identity, jwt_optional, jwt_required from flask_restplus import Resource, fields from backend import db, app, jwt_auth from backend.api import api_bp, api_user from backend.auth import oidc_auth from backend.models.user_model import User, Group user = api_user.model('User', { 'id': fields.String(required=True, description='The user\'s identifier'), 'first_name': fields.String(required=True, description='The user\'s first name'), }) @api_user.route('/profile', methods=['GET']) class Profile(Resource): @jwt_auth.login_required @api_user.marshal_list_with(user) def get(self): """Get infos about logged in user.""" current_user_id = get_jwt_identity() app.logger.info(current_user_id) return User.get_by_identifier(current_user_id) @api_user.route('/') class UserList(Resource): """ This is a test class. """ #@jwt_auth.login_required @jwt_required @api_user.doc('users') @api_user.marshal_list_with(user) def get(self): """ just a test! :return: Hello: World """ current_user = get_jwt_identity() app.logger.info(current_user) return User.get_all() @api_user.route('/') @api_user.param('id', 'The user identifier') @api_user.response(404, 'User not found') class UserResource(Resource): @jwt_auth.login_required @api_user.doc('get_user') @api_user.marshal_with(user) def get(self, id): """Fetch a user given its identifier""" user = User.get_by_id(id) if user is not None: return user api_user.abort(404) # api_user.add_resource(UserResource, '/')