  1. from myapp import app
  2. from flask import request, jsonify, g, abort, redirect, url_for, render_template, make_response, Response
  3. # import your database models
  4. from myapp.models import db, User, Token
  5. from functools import wraps
  6. import bcrypt
  7. import json
  8.  
  9. # Signin
  10.  
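@app.route('/api/signin', methods=['POST'])
def signin():
    """Authenticate a user from a JSON body and issue a session-token cookie.

    Expects a JSON object with string ``email`` and ``password`` fields.

    Returns:
        200 with a ``token`` cookie on success; 400 when the body is missing
        or malformed, or when no token object was produced; 404 with one
        generic message for any credential failure.
    """
    # silent=True yields None instead of raising on a missing or non-JSON
    # body, so malformed requests get a 400 rather than an unhandled 500.
    json_data = request.get_json(silent=True)
    if not isinstance(json_data, dict):
        return make_response(jsonify({'status': 'Invalid request'})), 400

    email = json_data.get('email')
    password = json_data.get('password')
    if not isinstance(email, str) or not isinstance(password, str):
        return make_response(jsonify({'status': 'Invalid request'})), 400

    user = User.query.filter_by(email=email).first()

    # Unknown email and wrong password share one response so the endpoint
    # does not reveal which addresses are registered.
    # NOTE(review): bcrypt only runs when the user exists, so response time
    # can still differ between the two cases; rate limiting is not visible
    # in this handler either.
    # NOTE(review): the status code stays 404 for existing clients; 401 is
    # the conventional code for failed authentication.
    if not user or not bcrypt.checkpw(password.encode('utf8'), user.password):
        return make_response(
            jsonify({'status': 'Invalid email or password'})), 404

    token = Token(user_id=user.id)
    if not token:
        responseObject = {
            'status': 'failure',
            'message': 'Token Not Received'
        }
        return make_response(jsonify(responseObject)), 400

    db.session.add(token)
    db.session.commit()

    responseObj = {
        'status': 'success',
        'message': 'Successfully logged in'
    }
    resp = Response(json.dumps(responseObj, indent=2), status=200,
                    mimetype=u'application/json')
    # requires_authorization matches the cookie against Token.value, so the
    # cookie must carry that value and not the row id.
    # NOTE(review): assumes the Token model fills `value` with an
    # unguessable random string on creation; confirm in myapp.models.
    # HttpOnly keeps the token away from page scripts, SameSite limits
    # cross-site sends, and Secure is set whenever the request used HTTPS.
    resp.set_cookie('token', token.value, httponly=True,
                    secure=request.is_secure, samesite='Lax')
    return resp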
  44.  
  45.  
  46. # Signup
  47.  
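@app.route('/api/signup', methods=['POST'])
def signup():
    """Register a new user from a JSON body with ``email`` and ``password``.

    Returns:
        200 when the user row is committed; 400 when the body is missing or
        either field is not a non-empty string; 404 when the insert fails.
    """
    # The request body is deliberately not printed or logged: it contains
    # the plaintext password.
    json_data = request.get_json(silent=True)
    if not isinstance(json_data, dict):
        responseObj = {
            'status': 'failure',
            'message': 'Email and password are required'
        }
        return make_response(jsonify(responseObj)), 400

    email = json_data.get('email')
    password = json_data.get('password')
    fields_ok = (isinstance(email, str) and isinstance(password, str)
                 and email and password)
    if not fields_ok:
        responseObj = {
            'status': 'failure',
            'message': 'Email and password are required'
        }
        return make_response(jsonify(responseObj)), 400

    # Hash (not encrypt) the password with a per-user salt; only the bcrypt
    # hash is stored.
    hashed_password = bcrypt.hashpw(password.encode('utf8'), bcrypt.gensalt())
    user = User(email=email, password=hashed_password)
    try:
        db.session.add(user)
        db.session.commit()
    except Exception:
        # Roll back so the session stays usable for later requests.
        # NOTE(review): every database error is reported as "already
        # exists"; narrowing this to the integrity error would separate
        # duplicates from outages. The message also confirms that an email
        # is registered, and 409 would be the conventional status code.
        db.session.rollback()
        responseObj = {
            'status': 'failure',
            'message': 'User Already Exists'
        }
        return make_response(jsonify(responseObj)), 404

    responseObj = {
        'status': 'success',
        'message': 'User Successfully Registered'
    }
    return make_response(jsonify(responseObj)), 200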
  72.  
  73. # Interceptor to check if the route is authorized or not
  74.  
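def requires_authorization(f):
    """Decorator that admits a request only when its ``token`` cookie matches
    a stored Token row.

    On success the owning User is stored on ``g.user`` and the wrapped view
    is called; otherwise the request is aborted with 401.
    """
    @wraps(f)
    def decorated(*args, **kwargs):
        # The token is a bearer credential, so it is never printed or logged.
        received_token = request.cookies.get('token')
        if not received_token:
            abort(401)

        # Resolve the user that owns a token whose value equals the cookie.
        # NOTE(review): no expiry or revocation condition is applied in this
        # lookup; confirm whether the Token model enforces one.
        result = User.query.join(Token, User.id == Token.user_id).filter(
            Token.value == received_token).first()
        if result is None:
            abort(401)

        g.user = result
        return f(*args, **kwargs)
    return decorated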
  94.  
  95. # Restricted Route
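@app.route('/user', methods=['GET'])
@requires_authorization
def created():
    """Return the authenticated user's creation timestamp and email as JSON."""
    # g.user is set by requires_authorization. The user object's __dict__ is
    # not printed: it includes the stored password hash, which should not
    # reach stdout or logs.
    return jsonify({'created_at': g.user.created_at, 'email': g.user.email})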