1Testcase:
2
def test_works(client):
    """POST a username/password pair to /api/auth and check the body decodes to text."""
    credentials = {'username': 'test', 'password': 'test'}
    body = client.post('/api/auth', json=credentials).data.decode()
    # NOTE(review): decode() always returns a str, so both assertions hold for
    # any response, including an error one. The test does not look at the
    # status code or at whether a token was issued.
    assert body is not None
    assert isinstance(body, str)
8
Resource:
10from flask.views import MethodView
11from flask import request, current_app
12import jwt
13from datetime import datetime, timedelta
14
15from .schemas import AuthSchema, AuthResultSchema
16from .models import User
17
18
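class AuthResource(MethodView):
    """Exchange a username and password for a signed JWT."""

    def get(self):
        """Placeholder; no GET behaviour is implemented."""
        # NOTE(review): this returns None, which Flask does not accept as a
        # view response. Confirm whether GET should be routed here at all.
        pass

    def post(self):
        """Authenticate the posted credentials and return a token.

        Responds with status 400 when the JSON payload fails ``AuthSchema``
        validation and with status 401 when the username is unknown or the
        password does not verify. Otherwise the result carries a JWT signed
        with the application's ``SECRET_KEY`` that expires after
        ``SESSION_VALIDITY`` hours.
        """
        secret_key = current_app.config['SECRET_KEY']
        session_validity = current_app.config['SESSION_VALIDITY']
        data = request.get_json() or {}
        error = AuthSchema().validate(data)
        if error:
            return AuthResultSchema(
                message='Payload is invalid',
                errors=error,
                status_code=400
            ).jsonify()

        # Fixed: the original condition rejected the request when the password
        # DID verify, and let unknown usernames and wrong passwords fall
        # through to ``user.public_id`` (AttributeError on None, or a token
        # issued for a wrong password). The debug prints of the username and
        # of the first User row were removed so account data is not written
        # to stdout.
        user = User.query.filter_by(username=data.get('username')).first()
        if user is None or not user.verify_password(data.get('password')):
            # One message for both failure cases, so the response body does
            # not reveal which usernames exist.
            # NOTE(review): unknown usernames skip password verification, so
            # response time may still tell the two cases apart.
            return AuthResultSchema(
                message='Wrong credentials',
                errors=['Wrong credentials'],
                status_code=401
            ).jsonify()

        # The payload is signed, not encrypted: anyone holding the token can
        # read the username and email.
        jwt_data = {
            'publicId': user.public_id,
            'username': user.username,
            'email': user.email,
            # PyJWT treats a naive datetime in 'exp' as UTC, so the local time
            # from datetime.now() shifted the expiry by the server's UTC offset.
            'exp': datetime.utcnow() + timedelta(hours=int(session_validity)),
        }
        # HS256 is PyJWT's default; naming it keeps issuing and verifying code
        # in agreement (the verifier should pin algorithms=['HS256'] as well).
        token = jwt.encode(jwt_data, key=secret_key, algorithm='HS256')
        # PyJWT 1.x returns bytes, 2.x returns str; accept either.
        if isinstance(token, bytes):
            token = token.decode()
        return AuthResultSchema(
            message='Authentication was successful',
            token=token
        ).jsonify()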
55 ).jsonify()