Update: Login, Register and Logout
This commit is contained in:
parent
9cf1743627
commit
b81c57905c
4 changed files with 26 additions and 19 deletions
|
|
@ -48,7 +48,7 @@ def db_login(ip, email, password):
|
||||||
return {'status': 1, 'message': message} # Email or password invalid
|
return {'status': 1, 'message': message} # Email or password invalid
|
||||||
|
|
||||||
|
|
||||||
def db_register(ip, email, password, is_admin):
|
def db_register(ip, email, nickname, password, is_admin):
|
||||||
user = Users.query.filter(
|
user = Users.query.filter(
|
||||||
Users.email == email
|
Users.email == email
|
||||||
).first()
|
).first()
|
||||||
|
|
@ -75,6 +75,7 @@ def db_register(ip, email, password, is_admin):
|
||||||
user = Users(
|
user = Users(
|
||||||
email=email,
|
email=email,
|
||||||
hash_pass=hash_pass,
|
hash_pass=hash_pass,
|
||||||
|
nickname=nickname,
|
||||||
salt=salt,
|
salt=salt,
|
||||||
is_admin=is_admin
|
is_admin=is_admin
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,7 @@ def send_error(status_code, message, token=None):
|
||||||
return res
|
return res
|
||||||
|
|
||||||
|
|
||||||
def send_message(message, data, token=None):
|
def send_message(message, data, token=None, token_delete=False):
|
||||||
data_json = {
|
data_json = {
|
||||||
'status': 'success',
|
'status': 'success',
|
||||||
'message': message,
|
'message': message,
|
||||||
|
|
@ -32,4 +32,6 @@ def send_message(message, data, token=None):
|
||||||
res.headers['Access-Control-Allow-Origin'] = app.config.get('ALLOW_ORIGIN')
|
res.headers['Access-Control-Allow-Origin'] = app.config.get('ALLOW_ORIGIN')
|
||||||
if token is not None:
|
if token is not None:
|
||||||
res.set_cookie('SESSIONID', token)
|
res.set_cookie('SESSIONID', token)
|
||||||
|
if token_delete:
|
||||||
|
res.delete_cookie('SESSIONID')
|
||||||
return res
|
return res
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@ from flask import current_app as app
|
||||||
from flask import request
|
from flask import request
|
||||||
from .responses import send_message, send_error
|
from .responses import send_message, send_error
|
||||||
from .api_functions import db_login, db_register
|
from .api_functions import db_login, db_register
|
||||||
from .sessionJWT import create_auth_token, decode_auth_token, check_auth_token
|
from .sessionJWT import create_auth_token, check_auth_token
|
||||||
|
|
||||||
|
|
||||||
# Login
|
# Login
|
||||||
|
|
@ -31,19 +31,21 @@ def login():
|
||||||
@app.route('/api/register', methods=['POST'])
|
@app.route('/api/register', methods=['POST'])
|
||||||
def register():
|
def register():
|
||||||
post_json = request.json
|
post_json = request.json
|
||||||
post_email = str(post_json['email'])
|
try:
|
||||||
post_password = str(post_json['password'])
|
post_email = str(post_json['email'])
|
||||||
post_is_admin = bool(post_json['is_admin'])
|
post_nickname = str(post_json['nickname'])
|
||||||
|
post_password = str(post_json['password'])
|
||||||
|
post_is_admin = bool(post_json['is_admin'])
|
||||||
|
|
||||||
if post_email and post_password and post_is_admin:
|
if post_email and post_nickname and post_password and post_is_admin:
|
||||||
ip = request.remote_addr
|
ip = request.remote_addr
|
||||||
res = db_register(ip, post_email, post_password, post_is_admin)
|
res = db_register(ip, post_email, post_nickname, post_password, post_is_admin)
|
||||||
if res['status'] == 1:
|
if res['status'] == 1:
|
||||||
return send_error(500, res['message'])
|
return send_error(500, res['message'])
|
||||||
elif res['status'] == 0:
|
elif res['status'] == 0:
|
||||||
return send_message(res['message'], res['data'])
|
return send_message(res['message'], res['data'])
|
||||||
else:
|
except KeyError as e:
|
||||||
return send_error(400, 'POST Request Error : Need email, password and is_admin fields.')
|
return send_error(400, 'POST Request Error : Need '+str(e)+' field.')
|
||||||
|
|
||||||
|
|
||||||
# Logout
|
# Logout
|
||||||
|
|
@ -51,7 +53,7 @@ def register():
|
||||||
def logout():
|
def logout():
|
||||||
token = check_auth_token(request)
|
token = check_auth_token(request)
|
||||||
if token['success']:
|
if token['success']:
|
||||||
return send_message('User disconnected.', None)
|
return send_message('User disconnected.', None, token_delete=True)
|
||||||
else:
|
else:
|
||||||
return send_error(500, token['message'])
|
return send_error(500, token['message'])
|
||||||
|
|
||||||
|
|
@ -59,6 +61,7 @@ def logout():
|
||||||
# Update User
|
# Update User
|
||||||
@app.route('/api/user/update', methods=['PUT'])
|
@app.route('/api/user/update', methods=['PUT'])
|
||||||
def user_update():
|
def user_update():
|
||||||
|
token = check_auth_token(request)
|
||||||
return send_message('User.update not implemented', None)
|
return send_message('User.update not implemented', None)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -24,13 +24,14 @@ def decode_auth_token(auth_token):
|
||||||
try:
|
try:
|
||||||
payload = jwt.decode(
|
payload = jwt.decode(
|
||||||
auth_token,
|
auth_token,
|
||||||
app.config.get('SECRET_KEY')
|
app.config.get('SECRET_KEY'),
|
||||||
|
algorithms='HS256'
|
||||||
)
|
)
|
||||||
return {'success': True, 'payload': payload['user']}
|
return {'success': True, 'payload': payload['user']}
|
||||||
except jwt.ExpiredSignatureError:
|
except jwt.ExpiredSignatureError:
|
||||||
return {'success': False, 'message': 'Signature expired . Please log in again.'}
|
return {'success': False, 'message': 'Signature expired . Please log in again.'}
|
||||||
except jwt.InvalidTokenError:
|
except jwt.InvalidTokenError as e:
|
||||||
return {'success': False, 'message': 'Invalid token. Please log in again.'}
|
return {'success': False, 'message': 'User not authenticated.'}
|
||||||
|
|
||||||
|
|
||||||
def check_auth_token(request):
|
def check_auth_token(request):
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue