- from flask import Flask, jsonify, abort, make_response, request, session
- from flask_login import LoginManager, UserMixin, \
- login_required, login_user, logout_user
- from functools import wraps
- from marshmallow import Schema, fields, post_load
- from flask_sqlalchemy import SQLAlchemy
- import datetime as dt
- import flask_login as fl
- import pymysql
- from functools import wraps
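import os
import secrets

# Let SQLAlchemy's 'mysql://' dialect load PyMySQL under the MySQLdb name.
pymysql.install_as_MySQLdb()

app = Flask(__name__)

# The connection string is read from the environment so database credentials
# do not have to live in the source. The fallback is the original hard-coded
# local value.
# NOTE(review): that fallback embeds a weak password; rotate it and remove
# the default once every deployment sets DATABASE_URL.
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
    'DATABASE_URL', 'mysql://user:1234@0.0.0.0:3316/app'
)
db = SQLAlchemy(app)

login_manager = LoginManager()
login_manager.init_app(app)
# Endpoint name Flask-Login sends unauthenticated users to.
login_manager.login_view = "login"

app.config.update(
    # Debug mode is opt-in: it enables verbose tracebacks and the Werkzeug
    # debugger, neither of which should be reachable outside development.
    DEBUG=os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true', 'yes', 'on'),
    # SECRET_KEY signs the session cookie, so it must be unpredictable.
    # Without SECRET_KEY in the environment a random per-process key is used:
    # safe, but sessions do not survive a restart and are not shared between
    # worker processes.
    SECRET_KEY=os.environ.get('SECRET_KEY') or secrets.token_hex(32),
)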
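class User(db.Model, UserMixin):
    """Account row; UserMixin makes it usable as the Flask-Login user object."""

    # NOTE(review): no default is declared and __init__ does not set id, so
    # the caller has to assign it before insert. MySQL also needs a length
    # for a String column -- confirm the intended key type.
    id = db.Column(db.String, primary_key=True)
    name = db.Column(db.String(80), unique=True, nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)
    # Many accounts share a role, so the column must not be unique.
    role = db.Column(db.String(120), nullable=False)
    # Not unique: a uniqueness error on insert would reveal that another
    # account already uses the same password.
    # NOTE(review): auth() compares this column directly with the submitted
    # password, i.e. it holds plaintext. Store a salted, slow password hash
    # and verify against that instead.
    password = db.Column(db.String(120), nullable=False)

    def __init__(self, name, email, role, password):
        """Populate a new account.

        The original signature took no arguments while the body read
        name/password/email/role, so every construction raised NameError.
        """
        self.name = name
        # self.lastname = lastname
        self.password = password
        self.email = email
        self.role = role
        # Plain instance attribute: no Column is declared for created_at in
        # this class, so it is not persisted.
        self.created_at = dt.datetime.now()

    def __repr__(self):
        """Return a debug representation that shows only the user name."""
        return '<User(name={self.name!r})>'.format(self=self)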
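def admin_only(func):
    """Decorate a view so that only users whose role is 'admin' may call it.

    Any other caller receives a JSON 'Access Denied' body with status 401.
    """
    @wraps(func)
    def decorated_view(*args, **kwargs):
        # Fail closed: a user object without a 'role' attribute (for example
        # the anonymous user, if this decorator is applied without
        # @login_required) is denied instead of raising AttributeError.
        if getattr(fl.current_user, 'role', None) == 'admin':
            return func(*args, **kwargs)
        # NOTE(review): 403 is the conventional status for an authenticated
        # but unauthorized caller; 401 is kept so existing clients see the
        # same response.
        return make_response(jsonify({'error': 'Access Denied'}), 401)
    return decorated_view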
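def auth(username, password):
    """Return the User matching the credentials, or None if they do not match.

    Args:
        username: value looked up in User.name.
        password: value compared with the stored User.password.

    Returns:
        The User row on success, otherwise None.
    """
    import hmac

    # Credentials arrive from a JSON body; reject anything that is not text.
    if not isinstance(username, str) or not isinstance(password, str):
        return None

    user = User.query.filter_by(name=username).first()
    # An unknown user name used to raise AttributeError (HTTP 500), which
    # also distinguished it from a wrong password.
    if user is None:
        return None

    # Constant-time comparison; bytes are used because compare_digest only
    # accepts ASCII-only str values.
    # NOTE(review): this still compares against a plaintext column. Verify a
    # salted password hash here once the stored format is migrated.
    if hmac.compare_digest(user.password.encode('utf-8'),
                           password.encode('utf-8')):
        return user
    return None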
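@app.route('/api/v1.0/login', methods=['POST'])
def login():
    """Log a user in from a JSON body holding 'username' and 'password'.

    Responds 400 for a missing or malformed body and for rejected
    credentials, and 201 with {'accepted': 'success'} once the session is
    established.
    """
    # silent=True yields None rather than an error for a non-JSON body, so
    # every malformed request takes the same 400 path below.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        abort(400)

    username = payload.get('username')
    password = payload.get('password')
    # Missing or non-string fields used to surface as KeyError/TypeError
    # (HTTP 500); treat them as a bad request.
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)

    user = auth(username, password)
    if user is None:
        abort(400)
    login_user(user)
    return make_response(jsonify({'accepted': 'success'}), 201)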
@app.route('/api/v1.0/logged', methods=['GET'])
@login_required
@admin_only
def logged():
    """Return a fixed JSON marker; reachable only by a logged-in admin."""
    # login_required runs before admin_only, so the role check sees an
    # authenticated user.
    body = {'res': 'logged'}
    return jsonify(body)
@login_manager.user_loader
def load_user(user_id):
    """Flask-Login callback: return the User with this id, or None."""
    matching = User.query.filter_by(id=user_id)
    return matching.first()
@app.route('/api/v1.0/logout', methods=['GET'])
@login_required
def logout():
    """End the current session and answer 201 with {'accepted': 'success'}."""
    # NOTE(review): this changes session state on a GET request, so a
    # cross-site link or image tag can log the user out. Consider accepting
    # POST only.
    logout_user()
    payload = jsonify({'accepted': 'success'})
    return make_response(payload, 201)
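if __name__ == '__main__':
    import os

    # Debug mode turns on the Werkzeug debugger and reloader. It is opt-in
    # through FLASK_DEBUG rather than hard-coded, so a copy of this script
    # started elsewhere does not expose the debugger by default.
    debug_enabled = os.environ.get('FLASK_DEBUG', '').lower() in (
        '1', 'true', 'yes', 'on'
    )
    app.run(debug=debug_enabled, port=5001)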