from flask import Flask, request, jsonify
from flask_admin.contrib.mongoengine import ModelView
from flask_jwt_extended import JWTManager, create_access_token
from mongoengine import connect
from werkzeug.security import check_password_hash
from os import environ, path
from dotenv import load_dotenv
from internal_lib.AuthMethods import AuthJWT
from models.Group import Group
from models.Union import Union
from models.User import User
from restapi import MongoApi
from flask_admin import Admin
# Deployment settings: load the .env file that sits beside this module, then
# read the MongoDB connection values from the process environment.
# NOTE(review): MONGO_PASSWORD is read right after the .env load, so that file
# presumably carries the database credential -- confirm it is excluded from
# version control and readable only by the service account.
base_path = path.abspath(path.dirname(__file__))
load_dotenv(path.join(base_path, ".env"))

# environ.get() yields None for any variable that is not set, so a missing
# entry surfaces only when the value is used.
MONGO_HOST, MONGO_USER, MONGO_PASSWORD = map(
    environ.get,
    ("MONGO_HOST", "MONGO_USER", "MONGO_PASSWORD"),
)

# Open the default MongoEngine connection to the "adunatio" database.
# The credentials are verified against the "admin" database
# (authentication_source), not against "adunatio" itself.
# NOTE(review): no TLS option is passed in this call; whether the link is
# encrypted depends on what MONGO_HOST contains -- confirm for deployments
# where the database is reached over a network.
connect(
    "adunatio",
    host=MONGO_HOST,
    username=MONGO_USER,
    password=MONGO_PASSWORD,
    authentication_source="admin",
)

# Flask application object and JWT configuration.
app = Flask(__name__)

# NOTE(review): environ.get() returns None when APP_SECRET is unset, and no
# separate JWT_SECRET_KEY is configured in this block, so this value is
# presumably what signs the access tokens as well as the Flask session.
# Confirm every deployment sets a long random APP_SECRET; consider failing at
# startup when it is missing.
app.secret_key = environ.get("APP_SECRET")

# Tokens are accepted only from a request header, sent as
# "Adunation_Session_Token: Bearer <token>".
# NOTE(review): header names containing underscores are discarded by some
# reverse proxies unless configured otherwise (for example nginx's
# underscores_in_headers directive) -- confirm the deployment passes it on.
app.config.update(
    JWT_TOKEN_LOCATION="headers",
    JWT_HEADER_NAME="Adunation_Session_Token",
    JWT_HEADER_TYPE="Bearer",
)

# Bind flask-jwt-extended to the application.
jwt = JWTManager(app)

# REST API: expose the User and Union models through MongoApi, with AuthJWT as
# the only configured authentication method.
# NOTE(review): login() reads the stored hash from `user.password`; confirm
# the /api/user resource never serializes that field and that write access to
# it is restricted.
api = MongoApi(
    app,
    authentication_methods=[AuthJWT],
)
api.register_model(
    User,
    uri="/api/user",
)
api.register_model(
    Union,
    uri="/api/union",
)

# Flask-Admin: register browsable CRUD views for User, Union and Group.
# NOTE(review): the stock ModelView is used as-is. Its is_accessible() hook
# allows every request unless overridden, and nothing in this file puts the
# admin blueprint behind authentication, so these views (including User
# records) appear reachable by anyone who can reach the app. Subclass
# ModelView, override is_accessible() / inaccessible_callback() with a real
# authorization check, and register the subclass instead -- or confirm access
# is restricted at another layer.
adm = Admin(app)

adm.add_view(
    ModelView(User)
)
adm.add_view(
    ModelView(Union)
)
adm.add_view(
    ModelView(Group)
)

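# Login endpoint: exchanges a username/password pair for a JWT access token.


def _login_failure(message, error, http_status):
    """Build the JSON error response shared by every failing login path."""
    return jsonify({"message": message, "error": error, "status": False}), http_status


@app.route('/auth/login', methods=['POST'])
def login():
    """Authenticate a user and issue a JWT access token.

    Expects a JSON object with string ``username`` and ``password`` members.

    Returns:
        ``({"access_token": ..., "status": True}, 200)`` on success,
        a ``parameter_error`` body with 400 when the request is not a JSON
        object or a credential is missing or not a string, and an
        ``Unauthorized`` body with 401 when the lookup or the password check
        fails.
    """
    if not request.is_json:
        return _login_failure("Missing JSON in request", "parameter_error", 400)

    # silent=True turns a malformed body into None, so the client receives the
    # same JSON error shape instead of Flask's default error page.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        # A JSON array, string or number has no .get(); reject it here rather
        # than letting it raise and surface as a 500.
        return _login_failure("Missing JSON in request", "parameter_error", 400)

    username = payload.get('username')
    password = payload.get('password')

    # Accept only non-empty strings. A nested JSON object or list must never
    # reach the database query below or the hash comparison.
    if not isinstance(username, str) or not username:
        return _login_failure("Missing username parameter", "parameter_error", 400)
    if not isinstance(password, str) or not password:
        return _login_failure("Missing password parameter", "parameter_error", 400)

    try:
        user = User.objects.get(username=username)
    except Exception as e:
        # Deliberately broad, as before: any lookup failure (including a
        # database error) is logged and reported with the same generic 401,
        # so the response does not reveal whether the account exists.
        app.logger.error(e)
        return _login_failure("Bad username or password", "Unauthorized", 401)

    # NOTE(review): the unknown-user branch above returns before any hash is
    # computed, so its response time differs from a wrong-password attempt.
    # Nothing in this handler throttles repeated attempts either; confirm that
    # rate limiting or lockout is enforced elsewhere.
    if not check_password_hash(user.password, password):
        return _login_failure("Bad username or password", "Unauthorized", 401)

    # Identity can be any data that is json serializable
    access_token = create_access_token(identity=str(user.id))
    return jsonify(access_token=access_token, status=True), 200

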
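if __name__ == '__main__':
    # Debug mode is opt-in through FLASK_DEBUG and off by default. With debug
    # enabled Werkzeug serves its interactive debugger, which lets anyone who
    # can reach the port run code in this process; since the server binds to
    # all interfaces, enable it only on an isolated development machine.
    debug_enabled = environ.get("FLASK_DEBUG", "").strip().lower() in ("1", "true", "yes", "on")
    app.run(host="0.0.0.0", port=5000, debug=debug_enabled)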