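# Copyright (c) 2019. Tobias Kurze
"""
This module provides functions related to authentication through the API.
For example: listing of available auth providers or registration of users.
"""
from datetime import datetime, timedelta
import jwt
from flask import request, jsonify, current_app, url_for
from functools import wraps
from random import randint

from flask_login import logout_user, login_user
from werkzeug.routing import BuildError

from backend import db
from backend.api import auth_api_bp
from backend.auth import AUTH_PROVIDERS
from backend.models.user_model import User


def create_jwt(user: User, validity_min=30):
    """Create a signed JWT identifying *user*.

    The token carries the user's e-mail as ``sub`` plus ``iat``/``exp``
    timestamps and is signed with the application's ``SECRET_KEY``.

    Args:
        user: The authenticated user the token is issued for.
        validity_min: Token lifetime in minutes.

    Returns:
        The encoded token exactly as returned by ``jwt.encode`` (``bytes``
        on PyJWT 1.x, ``str`` on PyJWT 2.x).
    """
    # Take the timestamp once so that iat and exp derive from the same instant.
    issued_at = datetime.utcnow()
    claims = {
        'sub': user.email,
        'iat': issued_at,
        'exp': issued_at + timedelta(minutes=validity_min),
    }
    # HS256 is PyJWT's default; naming it makes the choice visible. The code
    # that verifies these tokens should pin the same algorithm via
    # jwt.decode(..., algorithms=['HS256']) instead of trusting the header.
    return jwt.encode(claims, current_app.config['SECRET_KEY'], algorithm='HS256')


@auth_api_bp.route('/providers', methods=('GET',))
def get_auth_providers():
    """Return the configured authentication providers as JSON.

    Each provider's ``url`` entry is first treated as a Flask endpoint name
    and resolved with ``url_for``; if no such endpoint can be built, the
    configured value is passed through unchanged.
    """
    providers = {}
    for name, settings in AUTH_PROVIDERS.items():
        # Copy so that the module-level configuration is never mutated.
        provider = dict(settings)
        try:
            provider["url"] = url_for(settings["url"])
        except BuildError:
            provider["url"] = settings["url"]
        providers[name] = provider
    return jsonify(providers)


@auth_api_bp.route('/register', methods=('POST',))
def register():
    """Create a user from the JSON request body.

    Returns:
        The new user's ``to_dict()`` representation with status 201, or a
        400 response if the body is not a non-empty JSON object.
    """
    data = request.get_json(silent=True)
    if not isinstance(data, dict) or not data:
        # Previously a missing or non-object body reached User(**data) and
        # surfaced as an unhandled TypeError (HTTP 500).
        return jsonify({'message': 'Invalid request data'}), 400

    # NOTE(review): every client-supplied key is passed to the User
    # constructor. If the model has fields a client must not control, this is
    # a mass-assignment risk; restrict `data` to an explicit allow-list of
    # registration fields once the model's columns are confirmed.
    user = User(**data)
    db.session.add(user)
    try:
        db.session.commit()
    except Exception:
        # Leave the session usable for later requests, then let the original
        # error propagate unchanged.
        db.session.rollback()
        raise
    # NOTE(review): confirm that to_dict() does not expose secret fields.
    return jsonify(user.to_dict()), 201


@auth_api_bp.route('/login', methods=('GET', 'POST',))
def login():
    """Authenticate with the JSON credentials in the request body.

    Returns:
        ``{'token': <jwt>}`` on success, otherwise a 401 response with
        ``authenticated`` set to ``False``.
    """
    # The request body holds the caller's credentials and is deliberately not
    # printed or logged: the earlier debug output wrote it to stdout.
    data = request.get_json(silent=True)
    if not isinstance(data, dict) or not data:
        return jsonify({'message': 'Invalid request data', 'authenticated': False}), 401

    # NOTE(review): the body is expanded into keyword arguments, so a key that
    # User.authenticate does not accept would raise a TypeError. Consider
    # extracting only the expected credential fields.
    user = User.authenticate(**data)
    if not user:
        return jsonify({'message': 'Invalid credentials', 'authenticated': False}), 401

    token = create_jwt(user)
    # PyJWT 1.x returns bytes, PyJWT 2.x returns str; accept both.
    if isinstance(token, bytes):
        token = token.decode('UTF-8')
    return jsonify({'token': token})


@auth_api_bp.route('/logout', methods=('GET', ))
def logout():
    """Placeholder logout endpoint; always answers 401 'Not yet implemented!'.

    Issued JWTs are not revoked here and stay valid until their ``exp``
    claim passes.
    """
    # TODO: implement logout (a flask_login logout_user() call was planned).
    return jsonify({'message': 'Not yet implemented!', 'authenticated': False}), 401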