yvachot/FlaskALED
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update: user_delete

Browse source
This commit is contained in:
Yûki VACHOT 2022-01-05 19:26:06 +01:00
parent 604b1f4fb7
commit 0348c30044
2 changed files with 85 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

31
backend/application/api_functions.py
View file

@ -58,7 +58,7 @@ def db_login(ip, email, password):
return {'status': 1, 'message': message} # Email or password invalid return {'status': 1, 'message': message} # Email or password invalid
def db_register(ip, email, nickname, password, is_admin): def db_register(ip, email, nickname, password, is_admin=False):
user = Users.query.filter( user = Users.query.filter(
Users.email == email Users.email == email
).first() ).first()
@ -174,3 +174,32 @@ def db_user_update(ip, user_id, nickname, password):
id_user=user_id id_user=user_id
) )
return {'status': 1, 'message': message} return {'status': 1, 'message': message}
def db_user_delete(ip, user_id):
test = Users.query.filter(Users.id == user_id).delete()
if test == 1:
db.session.commit()
message = 'User deleted.'
db_create_log(
ip=ip,
action='user_delete',
message=message,
has_succeeded=True,
status_code=0,
table='users',
id_user=user_id
)
return {'status': 0, 'message': message, 'data': None}
else:
message = 'User do not exist.'
db_create_log(
ip=ip,
action='user_delete',
message=message,
has_succeeded=False,
status_code=1,
table='users',
id_user=user_id
)
return {'status': 1, 'message': message}

84
backend/application/routes.py
View file

@ -1,7 +1,7 @@
from flask import current_app as app from flask import current_app as app
from flask import request from flask import request
from .responses import send_message, send_error from .responses import send_message, send_error
from .api_functions import db_login, db_register, db_user_update, db_create_log from .api_functions import db_login, db_register, db_user_update, db_create_log, db_user_delete
from .sessionJWT import create_auth_token, check_auth_token from .sessionJWT import create_auth_token, check_auth_token
@ -12,19 +12,21 @@ def login():
post_email = str(post_json['email']) post_email = str(post_json['email'])
post_password = str(post_json['password']) post_password = str(post_json['password'])
if post_email and post_password: if post_email and post_password:
ip = request.remote_addr if post_email != '' and post_password != '':
res = db_login(ip, post_email, post_password) ip = request.remote_addr
# TODO: Token Authentication res = db_login(ip, post_email, post_password)
if res['status'] == 0: if res['status'] == 0:
user = res['data'] user = res['data']
token = create_auth_token(user) token = create_auth_token(user)
return send_message(res['message'], user, token) return send_message(res['message'], user, token)
elif res['status'] == 1: elif res['status'] == 1:
user = None user = None
token = create_auth_token(user) token = create_auth_token(user)
return send_error(404, res['message'], token) return send_error(404, res['message'], token)
else:
return send_error(400, 'Error : Empty email and/or password fields.')
else: else:
return send_error(400, 'POST Request Error : Need email, password fields.') return send_error(400, 'Error : Need email, password fields.')
# Register # Register
@ -35,15 +37,17 @@ def register():
post_email = str(post_json['email']) post_email = str(post_json['email'])
post_nickname = str(post_json['nickname']) post_nickname = str(post_json['nickname'])
post_password = str(post_json['password']) post_password = str(post_json['password'])
post_is_admin = bool(post_json['is_admin'])
if post_email and post_nickname and post_password and post_is_admin: if post_email and post_nickname and post_password:
ip = request.remote_addr if post_email != '' and post_password != '' and post_nickname != '':
res = db_register(ip, post_email, post_nickname, post_password, post_is_admin) ip = request.remote_addr
if res['status'] == 1: res = db_register(ip, post_email, post_nickname, post_password)
return send_error(500, res['message']) if res['status'] == 1:
elif res['status'] == 0: return send_error(500, res['message'])
return send_message(res['message'], res['data']) elif res['status'] == 0:
return send_message(res['message'], res['data'])
else:
return send_error(400, 'Error : Empty email and/or password and/or nickname fields.')
except KeyError as e: except KeyError as e:
return send_error(400, 'POST Request Error : Need '+str(e)+' field.') return send_error(400, 'POST Request Error : Need '+str(e)+' field.')
@ -89,13 +93,16 @@ def user_update():
fields += ', password' fields += ', password'
if post_nickname is not None or post_password is not None: if post_nickname is not None or post_password is not None:
ip = request.remote_addr if post_nickname != '' and post_password != '':
user_id = token['payload']['id'] ip = request.remote_addr
res = db_user_update(ip, user_id, post_nickname, post_password) user_id = token['payload']['id']
if res['status'] == 1: res = db_user_update(ip, user_id, post_nickname, post_password)
return send_error(500, res['message']) if res['status'] == 1:
elif res['status'] == 0: return send_error(500, res['message'])
return send_message(res['message'], res['data']) elif res['status'] == 0:
return send_message(res['message'], res['data'])
else:
return send_error(400, 'Error : Empty nickname and/or password fields.')
else: else:
return send_error(400, 'POST Request Error : Need ' + fields + ' field.') return send_error(400, 'POST Request Error : Need ' + fields + ' field.')
else: else:
@ -105,7 +112,26 @@ def user_update():
# Delete User # Delete User
@app.route('/api/user/delete', methods=['DELETE']) @app.route('/api/user/delete', methods=['DELETE'])
def user_delete(): def user_delete():
return send_message('User.delete not implemented', None) token = check_auth_token(request)
if token['success']:
ip = request.remote_addr
user_id = token['payload']['id']
res = db_user_delete(ip, user_id)
if res['status'] == 1:
return send_error(500, res['message'])
elif res['status'] == 0:
db_create_log(
ip=ip,
action='logout',
message='User disconnected.',
has_succeeded=True,
status_code=0,
table='users',
id_user=token['payload']['id']
)
return send_message(res['message'], None, token_delete=True)
else:
return send_error(500, token['message'])
# Admin : Create User # Admin : Create User