yvachot/FlaskALED
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update: Login, Register and Logout

Browse source
This commit is contained in:
Yûki VACHOT 2022-01-05 13:17:31 +01:00
parent 9cf1743627
commit b81c57905c
4 changed files with 26 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

3
backend/application/api_functions.py
View file

@ -48,7 +48,7 @@ def db_login(ip, email, password):
return {'status': 1, 'message': message} # Email or password invalid
def db_register(ip, email, password, is_admin):
def db_register(ip, email, nickname, password, is_admin):
user = Users.query.filter(
Users.email == email
).first()
@ -75,6 +75,7 @@ def db_register(ip, email, password, is_admin):
user = Users(
email=email,
hash_pass=hash_pass,
nickname=nickname,
salt=salt,
is_admin=is_admin
)

4
backend/application/responses.py
View file

@ -18,7 +18,7 @@ def send_error(status_code, message, token=None):
return res
def send_message(message, data, token=None):
def send_message(message, data, token=None, token_delete=False):
data_json = {
'status': 'success',
'message': message,
@ -32,4 +32,6 @@ def send_message(message, data, token=None):
res.headers['Access-Control-Allow-Origin'] = app.config.get('ALLOW_ORIGIN')
if token is not None:
res.set_cookie('SESSIONID', token)
if token_delete:
res.delete_cookie('SESSIONID')
return res

31
backend/application/routes.py
View file

@ -2,7 +2,7 @@ from flask import current_app as app
from flask import request
from .responses import send_message, send_error
from .api_functions import db_login, db_register
from .sessionJWT import create_auth_token, decode_auth_token, check_auth_token
from .sessionJWT import create_auth_token, check_auth_token
# Login
@ -31,19 +31,21 @@ def login():
@app.route('/api/register', methods=['POST'])
def register():
post_json = request.json
post_email = str(post_json['email'])
post_password = str(post_json['password'])
post_is_admin = bool(post_json['is_admin'])
try:
post_email = str(post_json['email'])
post_nickname = str(post_json['nickname'])
post_password = str(post_json['password'])
post_is_admin = bool(post_json['is_admin'])
if post_email and post_password and post_is_admin:
ip = request.remote_addr
res = db_register(ip, post_email, post_password, post_is_admin)
if res['status'] == 1:
return send_error(500, res['message'])
elif res['status'] == 0:
return send_message(res['message'], res['data'])
else:
return send_error(400, 'POST Request Error : Need email, password and is_admin fields.')
if post_email and post_nickname and post_password and post_is_admin:
ip = request.remote_addr
res = db_register(ip, post_email, post_nickname, post_password, post_is_admin)
if res['status'] == 1:
return send_error(500, res['message'])
elif res['status'] == 0:
return send_message(res['message'], res['data'])
except KeyError as e:
return send_error(400, 'POST Request Error : Need '+str(e)+' field.')
# Logout
@ -51,7 +53,7 @@ def register():
def logout():
token = check_auth_token(request)
if token['success']:
return send_message('User disconnected.', None)
return send_message('User disconnected.', None, token_delete=True)
else:
return send_error(500, token['message'])
@ -59,6 +61,7 @@ def logout():
# Update User
@app.route('/api/user/update', methods=['PUT'])
def user_update():
token = check_auth_token(request)
return send_message('User.update not implemented', None)

7
backend/application/sessionJWT.py
View file

@ -24,13 +24,14 @@ def decode_auth_token(auth_token):
try:
payload = jwt.decode(
auth_token,
app.config.get('SECRET_KEY')
app.config.get('SECRET_KEY'),
algorithms='HS256'
)
return {'success': True, 'payload': payload['user']}
except jwt.ExpiredSignatureError:
return {'success': False, 'message': 'Signature expired . Please log in again.'}
except jwt.InvalidTokenError:
return {'success': False, 'message': 'Invalid token. Please log in again.'}
except jwt.InvalidTokenError as e:
return {'success': False, 'message': 'User not authenticated.'}
def check_auth_token(request):