You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
93 lines
2.4 KiB
93 lines
2.4 KiB
#!/usr/bin/env python |
|
# -*- encoding: utf-8 -*- |
|
|
|
"""User management.""" |
|
|
|
from flask import Blueprint |
|
from flask import jsonify |
|
from flask import request |
|
|
|
from luncho.helpers import ForceJSON |
|
|
|
from luncho.server import User |
|
|
|
from luncho.exceptions import LunchoException |
|
|
|
|
|
# ---------------------------------------------------------------------- |
|
# Exceptions |
|
# ---------------------------------------------------------------------- |
|
|
|
class UserDoesNotExistException(LunchoException): |
|
"""There is no such user in the database.""" |
|
def __init__(self): |
|
super(UserDoesNotExistException, self).__init__() |
|
self.status = 404 |
|
self.message = 'User does not exist' |
|
|
|
|
|
class InvalidPasswordException(LunchoException): |
|
"""Invalid password.""" |
|
def __init__(self): |
|
super(InvalidPasswordException, self).__init__() |
|
self.status = 401 |
|
self.message = 'Invalid password' |
|
|
|
# ---------------------------------------------------------------------- |
|
# The blueprint |
|
# ---------------------------------------------------------------------- |
|
|
|
token = Blueprint('token', __name__) |
|
|
|
|
|
@token.route('', methods=['POST']) |
|
@ForceJSON(required=['username', 'password']) |
|
def get_token(): |
|
"""Return the access token. Most of the other requests require a valid |
|
token; a token will be valid for a whole day and you should only request a |
|
token when you either don't have one or you receive a status 400. |
|
|
|
**Example request**: |
|
|
|
.. sourcecode:: http |
|
|
|
{ "username": "myUsername", "password": "myPassword" } |
|
|
|
**Success (200)**: |
|
|
|
.. sourcecode:: http |
|
|
|
HTTP/1.1 200 OK |
|
Content-Type: text/json |
|
|
|
{ "status": "OK", "token": "access_token" } |
|
|
|
**Invalid password (401)**: |
|
|
|
.. sourcecode:: http |
|
|
|
HTTP/1.1 401 Unauthorized |
|
Content-Type: text/json |
|
|
|
{ "status": "ERROR", "message": "Invalid password" } |
|
|
|
**Unknown user (404)**: |
|
|
|
.. sourcecode:: http |
|
|
|
HTTP/1.1 404 Not found |
|
Content-Type: text/json |
|
|
|
{ "status": "ERROR", "message": "User does not exist" } |
|
""" |
|
json = request.get_json(force=True) |
|
|
|
user = User.query.filter_by(username=json['username']).first() |
|
if user is None: |
|
raise UserDoesNotExistException() |
|
|
|
if not user.passhash == json['password']: |
|
raise InvalidPasswordException() |
|
|
|
return jsonify(status='OK', |
|
token=user.get_token())
|
|
|