Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!login/bin/python3
- import os
- from flask import Flask,jsonify, abort, make_response, request,g, url_for,render_template
- from flask_httpauth import HTTPBasicAuth
- from flask_restful import Api, Resource, reqparse, fields, marshal
- from flask_sqlalchemy import SQLAlchemy
- from passlib.apps import custom_app_context as pwd_context
- from itsdangerous import (TimedJSONWebSignatureSerializer
- as Serializer, BadSignature, SignatureExpired)
- # init
- app = Flask(__name__)
- app.config['SECRET_KEY'] = 'power you can trust'
- app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///db.sqlite'
- app.config['SQLALCHEMY_COMMIT_ON_TEARDOWN'] = True
- api = Api(app)
- # extentions
- db = SQLAlchemy(app)
- auth = HTTPBasicAuth()
- class Job(db.Model):
- __tablename__ = 'jobs'
- jobid = db.Column(db.Integer, primary_key= True)
- username = db.Column(db.String(32), index = True)
- jobname = db.Column(db.String(128))
- intime = db.Column(db.String(128))
- incoords = db.Column(db.String(64))
- outtime = db.Column(db.String(128))
- outcoords = db.Column(db.String(64))
- class User(db.Model):
- __tablename__ = 'users'
- id = db.Column(db.Integer, primary_key=True)
- username = db.Column(db.String(32),index=True)
- password_hash = db.Column(db.String(64))
- def hash_password(self, password):
- self.password_hash = pwd_context.encrypt(password)
- def verify_password(self, password):
- return pwd_context.verify(password, self.password_hash)
- def generate_auth_token(self, expiration=600):
- s = Serializer(app.config['SECRET_KEY'], expires_in=expiration)
- return s.dumps({'id': self.id})
- @staticmethod
- def verify_auth_token(token):
- s = Serializer(app.config['SECRET_KEY'])
- try:
- data = s.loads(token)
- except SignatureExpired:
- return None
- except BadSignature:
- return None
- user = User.query.get(data['id'])
- return user
- @auth.verify_password
- def verify_password(username_or_token, password):
- user = User.verify_auth_token(username_or_token)
- if not user:
- user = User.query.filter_by(username=username_or_token).first()
- if not user or not user.verify_password(password):
- return False
- g.user = user
- return True
- @app.route('/clockin/api/users', methods=['POST'])
- def new_user():
- username = request.json.get('username')
- password = request.json.get('password')
- if username is None or password is None:
- abort(400)
- if User.query.filter_by(username=username).first() is not None:
- abort(400)
- user = User(username=username)
- user.hash_password(password)
- db.session.add(user)
- db.session.commit()
- return (jsonify({'username':user.username}), 201,
- {'Location': url_for('get_user', id=user.id, _external=True)})
- @app.route('/clockin/api/users/<int:id>')
- def get_user(id):
- user = User.query.get(id)
- if not user:
- abort(400)
- return jsonify({'username': user.username})
- @app.route('/clockin/api/token')
- @auth.login_required
- def get_auth_token():
- token = g.user.generate_auth_token(600)
- return jsonify({'token': token.decode('ascii'), 'duration': 600})
- @app.route('/clockin/api/resources')
- @auth.login_required
- def get_resource():
- return jsonify({'data':'Hello, %s!' % g.user.username})
- job_fields = {
- 'jobname' : fields.String,
- 'username': fields.String,
- 'incoords' : fields.String,
- 'intime' : fields.String,
- 'outcoords' : fields.String,
- 'outtime' : fields.String,
- 'uri' : fields.Url('job')
- }
- class JobListAPI(Resource):
- decorators = [auth.login_required]
- def __init__(self):
- self.reqparse = reqparse.RequestParser()
- self.reqparse.add_argument('jobname', type = str, required = True,
- help= 'No job name provided', location = 'json')
- self.reqparse.add_argument('intime', type = str, required = True,
- help= 'No start time provided', location = 'json')
- self.reqparse.add_argument('incoords', type = str, default = "", location = 'json')
- super(JobListAPI, self).__init__()
- def get(self):
- return {'jobs' : [marshal(job, job_fields) for job in jobs]}
- def post(self):
- args = self.reqparse.parse_args()
- job = {
- 'id': jobs[-1]['id'] + 1,
- 'jobname' : args['jobname'],
- 'incoords':args['incoords'],
- 'intime':args['intime']
- }
- jobs.append(job)
- return {'job':marshal(job,job_fields)} ,201
- class JobAPI(Resource):
- decorators = [auth.login_required]
- def __init__(self):
- self.reqparse = reqparse.RequestParser()
- self.reqparse.add_argument('jobname', type = str, location='json')
- self.reqparse.add_argument('incoords', type = str, location='json')
- self.reqparse.add_argument('outtime', type = str, required = True, location='json')
- self.reqparse.add_argument('outcoords', type = str, default = "", location ='json')
- super(JobAPI, self).__init__()
- def get(self, id):
- job = [job for job in jobs if job['id'] == id]
- if len(job) == 0:
- abort(404)
- return ['job', marshal(job[0], job_fields)]
- def put(self,id):
- job = [job for job in jobs if job['id'] == id]
- if len(job) == 0:
- abort(404)
- job = job[0]
- args = self.reqparse.parse_args()
- for k, v in args.items():
- if v is not None:
- job[k] = v
- return {'job' : marshal(job,job_fields)}
- def delete(self,id):
- pass
- api.add_resource(JobListAPI, '/clockin/api/jobs', endpoint = 'jobs')
- api.add_resource(JobAPI, '/clockin/api/jobs/<int:id>', endpoint = 'job')
- jobs = [{'id':1}]
- @app.route('/')
- def index():
- return render_template('index.html')
- @auth.error_handler
- def unauthorized():
- return make_response(jsonify({'error':'Unauthorized Access'}),401)
- if __name__ =='__main__':
- if not os.path.exists('db.sqlite'):
- db.create_all()
- app.run(debug=True)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement