Changing basic things like auth for api and laying out basic structure.
1 parent
bbb10eb
commit 62938bf
Showing
13 changed files
with
218 additions
and
173 deletions.
@@ -0,0 +1 @@ | ||
3.11 |
@@ -1,6 +1,6 @@ | ||
#!/usr/bin/env bash | ||
|
||
PORT="${PORT:-7080}" | ||
export FLASK_APP=tpnewsletter | ||
export FLASK_APP=tread | ||
export FLASK_ENV=development | ||
flask run --port $PORT --host 0.0.0.0 --debug | ||
flask run --port $PORT --host 0.0.0.0 --debug |
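Review bot: The last line, `flask run --port $PORT --host 0.0.0.0 --debug`, serves the Werkzeug debugger on every network interface, and that debugger's interactive console is a code-execution surface for anyone who can reach the port. If this script is meant only for local development, bind to loopback by default and make the wider bind an explicit opt-in, e.g. `HOST="${HOST:-127.0.0.1}"` followed by `flask run --port "$PORT" --host "$HOST" --debug`. Quoting `$PORT` also avoids word splitting on an unexpected value.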
@@ -1,18 +1,42 @@ | ||
from typing import Any | ||
from . import db | ||
from ..bcrypt import bcrypt | ||
import logging | ||
|
||
log = logging.getLogger(__name__) | ||
log.setLevel(logging.WARN) | ||
|
||
class User(db.Model): | ||
id = db.Column(db.Integer, primary_key=True) | ||
username = db.Column(db.String(150), unique=True, nullable=False) | ||
password_hash: Any = db.Column(db.String(150), nullable=False) | ||
password: Any = db.Column(db.String(150), nullable=False) | ||
full_name = db.Column(db.String(150), nullable=False) | ||
role = db.Column(db.String(50), nullable=False) | ||
theme: Any = db.Column(db.String(50), nullable=True) | ||
profile_picture_url: Any = db.Column(db.String(250), nullable=True) | ||
email = db.Column(db.String(150), nullable=False) | ||
created_at = db.Column(db.DateTime, nullable=False, default=db.func.now()) | ||
updated_at = db.Column(db.DateTime, nullable=False, default=db.func.now(), onupdate=db.func.now()) | ||
|
||
def __init__(self, username, password, full_name, role, email): | ||
self.username = username | ||
self.set_password(password) # hash the password | ||
self.full_name = full_name | ||
self.role = role | ||
self.email = email | ||
|
||
def set_password(self, password): | ||
self.password_hash = bcrypt.generate_password_hash(password).decode("utf-8") | ||
self.password = bcrypt.generate_password_hash(password).decode("utf-8") | ||
|
||
def check_password(self, password): | ||
return bcrypt.check_password_hash(self.password_hash, password) | ||
return bcrypt.check_password_hash(self.password_hash, password) | ||
|
||
def save(self): | ||
try: | ||
db.session.add(self) | ||
db.session.commit() | ||
log.info(msg="User saved to database.") | ||
except: | ||
db.session.rollback() | ||
log.error(msg="Error saving user to database, rolling back.") | ||
return False | ||
|
||
return True |
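Review bot: `check_password` still reads `self.password_hash`, while the column and `set_password` appear to have been renamed to `password`. The page prints both variants without +/- markers, so this assumes the `password` lines are the new side. If so, every password check would raise `AttributeError` instead of verifying the hash; change it to `return bcrypt.check_password_hash(self.password, password)`, or keep the `password_hash` name throughout, which also makes it clear the column never holds plaintext. Separately, the bare `except:` in `save()` discards the exception; `except Exception:` with `log.exception("Error saving user to database, rolling back.")` keeps the rollback while recording why the write failed.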
@@ -1,38 +1,19 @@ | ||
from typing import Any | ||
from flask import request, current_app, jsonify | ||
from functools import wraps | ||
import logging | ||
import jwt | ||
import datetime | ||
|
||
log = logging.getLogger(__name__) | ||
log.setLevel(logging.WARN) | ||
|
||
# Decorator to check the JWT in cookies | ||
def token_required(f): | ||
@wraps(f) | ||
def decorated(*args, **kwargs): | ||
token = request.cookies.get(current_app.config['JWT_COOKIE_NAME']) | ||
|
||
if not token: | ||
log.info(msg="Token is missing. Returning 403.") | ||
return jsonify({'message': 'Token is missing'}), 403 | ||
|
||
try: | ||
# Decode the token and extract user information | ||
data = jwt.decode(token, current_app.config['SECRET_KEY'], algorithms=['HS256']) | ||
current_user = data['user'] | ||
role: str = data['role'] | ||
created_at: Any = data['created_at'] | ||
exp: datetime.datetime = data['exp'] | ||
except: | ||
log.info(msg='Token is invalid. Returning 403.') | ||
return jsonify({'message': 'Token is invalid'}), 403 | ||
|
||
if exp < datetime.datetime.now(datetime.timezone.utc): | ||
log.info(msg='Token has expired. Returning 403.') | ||
return jsonify({'message': 'Token has expired'}), 403 | ||
|
||
return f(current_user, role, created_at, exp, *args, **kwargs) | ||
|
||
return decorated | ||
from flask_jwt_extended import JWTManager | ||
from flask_jwt_extended import current_user | ||
from ..database.user import User | ||
|
||
jwt = JWTManager() | ||
|
||
@jwt.user_identity_loader | ||
def user_identity_lookup(user): | ||
return user.id | ||
|
||
@jwt.user_lookup_loader | ||
def user_lookup_callback(_jwt_header, jwt_data): | ||
identity = jwt_data["sub"] | ||
return User.query.filter_by(id=identity).one_or_none() | ||
|
||
|
||
|
||
|
||
|
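Review bot: `user_identity_lookup` returns `user.id` as an integer, but the `sub` claim it feeds is expected to be a string, and recent PyJWT releases reject a non-string subject at decode time, so depending on the pinned versions every authenticated request could fail. Returning `str(user.id)` and converting back in `user_lookup_callback` with `User.query.filter_by(id=int(identity)).one_or_none()` keeps the claim well-formed. The removed `token_required` decorator was the access check for the routes that used it; those route files are not visible on this page, so it is worth confirming that each of them now carries `@jwt_required()`. `current_user` is imported but unused in this file unless it is re-exported on purpose.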