66 lines
1.7 KiB
Python
66 lines
1.7 KiB
Python
# Copyright (c) 2019. Tobias Kurze
|
|
"""
|
|
This module provides functions related to authentication through the API.
|
|
For example: listing of available auth providers or registration of users.
|
|
"""
|
|
from datetime import datetime, timedelta
|
|
import jwt
|
|
from flask import request, jsonify, current_app, url_for
|
|
from functools import wraps
|
|
from random import randint
|
|
|
|
from flask_login import logout_user, login_user
|
|
|
|
from backend import db
|
|
from backend.api import auth_api_bp
|
|
from backend.auth import AUTH_PROVIDERS
|
|
from backend.models.user_model import User
|
|
|
|
|
|
def create_jwt(user: User, validity_min=30):
|
|
return jwt.encode({
|
|
'sub': user.email,
|
|
'iat': datetime.utcnow(),
|
|
'exp': datetime.utcnow() + timedelta(minutes=validity_min)},
|
|
current_app.config['SECRET_KEY'])
|
|
|
|
|
|
@auth_api_bp.route('/providers', methods=('GET',))
|
|
def get_auth_providers():
|
|
providers = list()
|
|
for p in AUTH_PROVIDERS:
|
|
provider = dict(p)
|
|
provider["url"] = url_for(p["url"])
|
|
return jsonify(providers)
|
|
|
|
|
|
@auth_api_bp.route('/register', methods=('POST',))
|
|
def register():
|
|
data = request.get_json()
|
|
user = User(**data)
|
|
db.session.add(user)
|
|
db.session.commit()
|
|
return jsonify(user.to_dict()), 201
|
|
|
|
|
|
@auth_api_bp.route('/login', methods=('GET', 'POST',))
|
|
def login():
|
|
print("login")
|
|
print(request)
|
|
data = request.get_json()
|
|
print(data)
|
|
user = User.authenticate(**data)
|
|
|
|
if not user:
|
|
return jsonify({'message': 'Invalid credentials', 'authenticated': False}), 401
|
|
|
|
token = create_jwt(user)
|
|
#login_user(user)
|
|
return jsonify({'token': token.decode('UTF-8')})
|
|
|
|
|
|
@auth_api_bp.route('/logout', methods=('GET', ))
|
|
def logout():
|
|
pass
|
|
#logout_user()
|