112 lines
3.7 KiB
Python
112 lines
3.7 KiB
Python
# Copyright (c) 2019. Tobias Kurze
|
|
"""
|
|
This module provides functions related to authentication through the API.
|
|
For example: listing of available auth providers or registration of users.
|
|
|
|
Login through API does not start a new session, but instead returns JWT.
|
|
"""
|
|
from datetime import datetime
|
|
from pprint import pprint
|
|
|
|
import flask
|
|
import jwt
|
|
from flask import request, jsonify, current_app, url_for
|
|
from flask_jwt_extended import get_jwt_identity, jwt_optional, jwt_required
|
|
from flask_restplus import Resource, fields, inputs
|
|
|
|
from backend import db, app, jwt_auth
|
|
from backend.api import api_bp, api_user
|
|
from backend.auth import oidc_auth
|
|
from backend.models.user_model import User, Group
|
|
|
|
user_model = api_user.model('User', {
|
|
'id': fields.String(required=True, description='The user\'s identifier'),
|
|
'first_name': fields.String(required=True, description='The user\'s first name'),
|
|
'last_name': fields.String(required=True, description='The user\'s last name'),
|
|
'email': fields.String(required=True, description='The user\'s email address'),
|
|
'nickname': fields.String(required=False, description='The user\'s nick name'),
|
|
'groups': fields.List(
|
|
fields.Nested(api_user.model('user_group', {'id': fields.Integer(), 'name': fields.String()})),
|
|
required=False, description='Group memberships.'),
|
|
})
|
|
|
|
user_update_parser = api_user.parser()
|
|
user_update_parser.add_argument('email', type=inputs.email, required=False, nullable=False, store_missing=False)
|
|
user_update_parser.add_argument('nickname', type=str, required=False, store_missing=False)
|
|
user_update_parser.add_argument('first_name', type=str, required=False, store_missing=False)
|
|
user_update_parser.add_argument('last_name', type=str, required=False, store_missing=False)
|
|
|
|
@api_user.route('/profile')
|
|
class Profile(Resource):
|
|
@jwt_required
|
|
@api_user.marshal_with(user_model)
|
|
def get(self):
|
|
"""Get infos about logged in user."""
|
|
current_user_id = get_jwt_identity()
|
|
app.logger.info(current_user_id)
|
|
return User.get_by_identifier(current_user_id)
|
|
|
|
@jwt_required
|
|
def put(self):
|
|
current_user_id = get_jwt_identity()
|
|
print(api_user.payload)
|
|
app.logger.info(current_user_id)
|
|
args = user_update_parser.parse_args()
|
|
args['last_time_modified'] = datetime.utcnow()
|
|
pprint(args)
|
|
|
|
num_rows_matched = User.query.filter_by(id=current_user_id).update(args)
|
|
print(num_rows_matched)
|
|
|
|
if num_rows_matched < 1:
|
|
api_user.abort(404)
|
|
db.session.commit()
|
|
return "ok"
|
|
|
|
|
|
@api_user.route('')
|
|
class UserList(Resource):
|
|
"""
|
|
This is a test class.
|
|
"""
|
|
|
|
# @jwt_auth.login_required
|
|
@jwt_required
|
|
@api_user.doc('users')
|
|
@api_user.marshal_list_with(user_model)
|
|
def get(self):
|
|
"""
|
|
just a test!
|
|
:return: Hello: World
|
|
"""
|
|
current_user = get_jwt_identity()
|
|
app.logger.info(current_user)
|
|
return User.get_all()
|
|
|
|
@jwt_required
|
|
@api_user.doc('create_group')
|
|
@api_user.expect(user_model)
|
|
@api_user.marshal_with(user_model, code=201)
|
|
def post(self):
|
|
user = User(**api_user.payload)
|
|
db.session.add(user)
|
|
db.session.commit()
|
|
return user
|
|
|
|
|
|
@api_user.route('/<id>')
|
|
@api_user.param('id', 'The user identifier')
|
|
@api_user.response(404, 'User not found')
|
|
class UserResource(Resource):
|
|
@jwt_auth.login_required
|
|
@api_user.doc('get_user')
|
|
@api_user.marshal_with(user_model)
|
|
def get(self, id):
|
|
"""Fetch a user given its identifier"""
|
|
user = User.get_by_id(id)
|
|
if user is not None:
|
|
return user
|
|
api_user.abort(404)
|
|
|
|
# api_user.add_resource(UserResource, '/')
|