86 lines
2.7 KiB
Python
86 lines
2.7 KiB
Python
# Copyright (c) 2019. Tobias Kurze
|
|
"""
|
|
This module provides functions related to authentication through the API.
|
|
For example: listing of available auth providers or registration of users.
|
|
|
|
Login through API does not start a new session, but instead returns JWT.
|
|
"""
|
|
import flask
|
|
import jwt
|
|
from flask import request, jsonify, current_app, url_for
|
|
from flask_jwt_extended import get_jwt_identity, jwt_optional, jwt_required
|
|
from flask_restplus import Resource, fields
|
|
|
|
from backend import db, app, jwt_auth
|
|
from backend.api import api_bp, api_user
|
|
from backend.auth import oidc_auth
|
|
from backend.models.user_model import User, Group
|
|
|
|
|
|
|
|
user_model = api_user.model('User', {
|
|
'id': fields.String(required=True, description='The user\'s identifier'),
|
|
'first_name': fields.String(required=True, description='The user\'s first name'),
|
|
'last_name': fields.String(required=True, description='The user\'s last name'),
|
|
'email': fields.String(required=True, description='The user\'s email address'),
|
|
'nickname': fields.String(required=False, description='The user\'s nick name'),
|
|
'groups': fields.List(fields.Nested({'name': fields.String()}), required=False, description='Group memberships.'),
|
|
})
|
|
|
|
|
|
@api_user.route('/profile', methods=['GET'])
|
|
class Profile(Resource):
|
|
@jwt_auth.login_required
|
|
@api_user.marshal_list_with(user_model)
|
|
def get(self):
|
|
"""Get infos about logged in user."""
|
|
current_user_id = get_jwt_identity()
|
|
app.logger.info(current_user_id)
|
|
return User.get_by_identifier(current_user_id)
|
|
|
|
|
|
@api_user.route('')
|
|
class UserList(Resource):
|
|
"""
|
|
This is a test class.
|
|
"""
|
|
#@jwt_auth.login_required
|
|
@jwt_required
|
|
@api_user.doc('users')
|
|
@api_user.marshal_list_with(user_model)
|
|
def get(self):
|
|
"""
|
|
just a test!
|
|
:return: Hello: World
|
|
"""
|
|
current_user = get_jwt_identity()
|
|
app.logger.info(current_user)
|
|
return User.get_all()
|
|
|
|
@jwt_required
|
|
@api_user.doc('create_group')
|
|
@api_user.expect(user_model)
|
|
@api_user.marshal_with(user_model, code=201)
|
|
def post(self):
|
|
user = User(**api_user.payload)
|
|
db.session.add(user)
|
|
db.session.commit()
|
|
return user
|
|
|
|
|
|
@api_user.route('/<id>')
|
|
@api_user.param('id', 'The user identifier')
|
|
@api_user.response(404, 'User not found')
|
|
class UserResource(Resource):
|
|
@jwt_auth.login_required
|
|
@api_user.doc('get_user')
|
|
@api_user.marshal_with(user_model)
|
|
def get(self, id):
|
|
"""Fetch a user given its identifier"""
|
|
user = User.get_by_id(id)
|
|
if user is not None:
|
|
return user
|
|
api_user.abort(404)
|
|
|
|
# api_user.add_resource(UserResource, '/')
|