
Suposty

import datetime as dt
import hmac
import os
import secrets
from functools import wraps

import flask_login as fl
import pymysql
from flask import Flask, jsonify, abort, make_response, request, session
from flask_login import LoginManager, UserMixin, \
    login_required, login_user, logout_user
from flask_sqlalchemy import SQLAlchemy
from marshmallow import Schema, fields, post_load
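# Register PyMySQL under the MySQLdb name so the 'mysql://' URI below resolves
# to it.
pymysql.install_as_MySQLdb()


app = Flask(__name__)
# The connection string carries the database credentials, so it is read from
# the environment. The literal fallback is the original development value and
# keeps a local checkout working; any shared or deployed instance should set
# DATABASE_URL and use a strong database password instead of the one here.
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
    'DATABASE_URL', 'mysql://user:1234@0.0.0.0:3316/app')
db = SQLAlchemy(app)
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login"
app.config.update(
    # Debug mode exposes the interactive debugger, which can execute code in
    # the server process, so it is off unless FLASK_DEBUG is set explicitly.
    DEBUG=os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true'),
    # SECRET_KEY signs the session cookie that Flask-Login relies on; a
    # guessable constant in source lets session cookies be forged. Without
    # SECRET_KEY in the environment a random per-process key is generated,
    # which is safe but invalidates sessions on restart and does not work
    # across several worker processes.
    SECRET_KEY=os.environ.get('SECRET_KEY') or secrets.token_hex(32),
)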
  25.  
  26.  
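class User(db.Model, UserMixin):
    """Account row; also the user object Flask-Login keeps in the session.

    Args:
        name: Login name, unique per account.
        password: Credential value stored in the ``password`` column.
        email: Contact address, unique per account.
        role: Authorisation role; ``admin_only`` checks it against 'admin'.
    """

    # NOTE(review): String primary key with no length; MySQL needs a VARCHAR
    # length to create the table, and nothing here assigns the id - confirm
    # how rows get their key.
    id = db.Column(db.String, primary_key=True)
    name = db.Column(db.String(80), unique=True, nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)
    # Not unique: with a unique constraint only one account could hold each
    # role (for example a single 'admin').
    role = db.Column(db.String(120), nullable=False)
    # Not unique: a uniqueness constraint on the credential column rejects a
    # second account with the same password and so reveals that it is in use.
    # NOTE(review): the value is stored exactly as given and auth() compares
    # it directly, i.e. passwords are kept in plaintext. Store a salted,
    # slow password hash and verify against that instead.
    password = db.Column(db.String(120), nullable=False)

    def __init__(self, name, password, email, role):
        # The original signature took no arguments while the body read
        # name/password/email/role, so every direct construction raised
        # NameError.
        self.name = name
        self.password = password
        self.email = email
        self.role = role
        # Plain instance attribute: there is no created_at column, so this
        # timestamp is not persisted.
        self.created_at = dt.datetime.now()

    def __repr__(self):
        # Only the name is shown so the credential never ends up in logs.
        return '<User(name={self.name!r})>'.format(self=self)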
  44.  
  45.  
  46.  
  47.  
  48.  
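def admin_only(func):
    """Decorate a view so that it runs only for users whose role is 'admin'.

    Any other caller gets a JSON ``{'error': 'Access Denied'}`` body with
    status 401 and the wrapped view is not invoked.
    """
    @wraps(func)
    def decorated_view(*args, **kwargs):
        # The anonymous user object has no ``role`` attribute; reading it
        # directly raised AttributeError (a 500) whenever this decorator ran
        # without, or outside of, @login_required. Treat a missing role as
        # "not admin" so the check fails closed.
        role = getattr(fl.current_user, 'role', None)
        if role == 'admin':
            return func(*args, **kwargs)
        # NOTE(review): 403 is the conventional status for an authenticated
        # user who lacks permission; 401 is kept so existing clients see the
        # same response.
        return make_response(jsonify({'error': 'Access Denied'}), 401)
    return decorated_view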
  56.  
  57.  
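def auth(username, password):
    """Return the User whose name and password match, or None.

    Args:
        username: Login name taken from the request body.
        password: Password taken from the request body.

    Returns:
        The matching User, or None for a non-string argument, an unknown
        name, or a wrong password.
    """
    # Both values come straight from client JSON and may be any JSON type.
    if not isinstance(username, str) or not isinstance(password, str):
        return None
    user = User.query.filter_by(name=username).first()
    # An unknown name used to fall through to ``user.password`` and raise
    # AttributeError, turning a failed login into a 500.
    if user is None or user.password is None:
        return None
    # Constant-time comparison, done on bytes because compare_digest rejects
    # non-ASCII str.
    # NOTE(review): this still compares against a plaintext password column;
    # the stored value should be a salted, slow hash verified here.
    if hmac.compare_digest(user.password.encode('utf-8'),
                           password.encode('utf-8')):
        return user
    return None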
  62.    
  63.  
  64.  
  65.  
  66.  
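@app.route('/api/v1.0/login', methods=['POST'])
def login():
    """Log a user in from a JSON body with 'username' and 'password'.

    Responds 201 with ``{'accepted': 'success'}`` after ``login_user``;
    aborts with 400 when the body is not a JSON object, a field is missing
    or not a string, or the credentials are rejected.
    """
    # silent=True yields None for a missing or malformed JSON body instead of
    # raising; indexing request.json directly produced a 500 on a missing
    # key or a non-object body.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        abort(400)
    username = payload.get('username')
    password = payload.get('password')
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)
    user = auth(username, password)
    if user is None:
        # NOTE(review): 401 is the conventional status for rejected
        # credentials; 400 is kept so existing clients see the same response.
        abort(400)
    # NOTE(review): no attempt throttling or lockout is visible on this
    # route; confirm it is rate-limited elsewhere.
    login_user(user)
    return make_response(jsonify({'accepted': 'success'}), 201)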
  74.  
  75.  
@app.route('/api/v1.0/logged', methods=['GET'])
@login_required
@admin_only
def logged():
    """Probe endpoint that answers only for a logged-in user with the admin role."""
    # login_required is the outer decorator, so the session check runs before
    # admin_only inspects the role.
    payload = {'res': 'logged'}
    return jsonify(payload)
  81.  
@login_manager.user_loader
def load_user(user_id):
    """Flask-Login callback: fetch the User for the id stored in the session.

    Returns None when no row has that id.
    """
    matching = User.query.filter_by(id=user_id)
    return matching.first()
  85.  
@app.route('/api/v1.0/logout', methods=['GET'])
@login_required
def logout():
    """End the current user's session and confirm with a 201 JSON body."""
    # NOTE(review): this is a state-changing action reachable by GET, so a
    # link or image tag on another site can log the user out; POST is the
    # safer method for it.
    logout_user()
    body = jsonify({'accepted': 'success'})
    return make_response(body, 201)
  91.  
  92.  
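if __name__ == '__main__':
    # debug=True was hard-coded here; the debug server exposes an interactive
    # debugger that can execute code in the server process. It is now opt-in
    # through FLASK_DEBUG. The development server is only meant for local
    # use; no host is passed, so app.run keeps its default bind address.
    debug_enabled = os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true')
    app.run(debug=debug_enabled, port=5001)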