import datetime as dt
import hmac
import os
from functools import wraps

import flask_login as fl
import pymysql
from flask import Flask, jsonify, abort, make_response, request, session
from flask_login import LoginManager, UserMixin, \
    login_required, login_user, logout_user
from flask_sqlalchemy import SQLAlchemy
from marshmallow import Schema, fields, post_load
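# Register PyMySQL under the MySQLdb name so the 'mysql://' URI below can
# be served by it.
pymysql.install_as_MySQLdb()

app = Flask(__name__)

# Deployment-specific values are read from the environment. The literal
# fallbacks are the values this file originally hard-coded and are only
# suitable for local development: database credentials committed to source
# end up in every copy of the repository.
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
    'DATABASE_URL', 'mysql://user:1234@0.0.0.0:3316/app')
db = SQLAlchemy(app)
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login"
app.config.update(
    # Debug mode enables the interactive Werkzeug debugger, which executes
    # code for whoever can reach it; set FLASK_DEBUG=0 outside development.
    DEBUG=os.environ.get('FLASK_DEBUG', '1').lower() in ('1', 'true', 'yes', 'on'),
    # SECRET_KEY signs the session cookie that Flask-Login relies on. A
    # guessable value means sessions can be forged, so every deployment
    # needs its own long random key supplied via the environment.
    SECRET_KEY=os.environ.get('SECRET_KEY', 'secret_xxx'),
)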
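class User(db.Model, UserMixin):
    """Account row used by Flask-Login to identify the caller.

    The original ``__init__`` took no arguments but read ``name``,
    ``password``, ``email`` and ``role`` as free names, so constructing a
    User raised NameError. They are now constructor parameters.
    """

    # NOTE(review): db.String has no length here; MySQL needs one for a
    # VARCHAR primary key -- confirm against the real schema.
    id = db.Column(db.String, primary_key=True)
    name = db.Column(db.String(80), unique=True, nullable=False)
    email = db.Column(db.String(120), unique=True, nullable=False)
    # NOTE(review): unique=True permits a single account per role value
    # (for example only one 'admin') -- confirm this is intended.
    role = db.Column(db.String(120), unique=True, nullable=False)
    # NOTE(review): auth() compares this column with the submitted password
    # directly, so it holds the password in clear text. Store a salted
    # password hash instead (it may need more than 120 characters) and drop
    # unique=True: a uniqueness error on insert reveals that another account
    # already uses the same password.
    password = db.Column(db.String(120), unique=True, nullable=False)

    def __init__(self, name, password, email, role):
        """Populate a new account.

        ``id`` is not assigned here and the column has no default, so the
        caller has to set it before the row is committed.
        """
        self.name = name
        self.password = password
        self.email = email
        self.role = role
        # Plain attribute, not a mapped column: this timestamp is not
        # written to the database.
        self.created_at = dt.datetime.now()

    def __repr__(self):
        """Debug representation; deliberately shows only the name."""
        return '<User(name={self.name!r})>'.format(self=self)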
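def admin_only(func):
    """Decorator that runs ``func`` only when the current user is an admin.

    Any other caller receives a JSON ``Access Denied`` body with status 401.
    NOTE(review): 403 is the conventional status for an authenticated user
    who lacks permission; 401 is kept so existing clients see no change.
    """
    @wraps(func)
    def decorated_view(*args, **kwargs):
        # Flask-Login's anonymous user object carries no ``role`` attribute.
        # Reading it with a default makes the check fail closed (denied)
        # instead of raising when this decorator runs without, or ahead of,
        # @login_required.
        if getattr(fl.current_user, 'role', None) == 'admin':
            return func(*args, **kwargs)
        return make_response(jsonify({'error': 'Access Denied'}), 401)
    return decorated_view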
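def auth(username, password):
    """Return the User matching ``username`` and ``password``, else None.

    Changes from the original: an unknown username now returns None instead
    of raising AttributeError on ``None.password``, non-string credentials
    (JSON numbers, null, objects) are rejected before they reach the query,
    and the comparison runs in constant time.

    NOTE(review): this still compares against the stored column as is, so
    passwords are kept in clear text. Migrate the column to a salted
    password hash and verify against that.
    """
    if not isinstance(username, str) or not isinstance(password, str):
        return None
    user = User.query.filter_by(name=username).first()
    if user is None or user.password is None:
        return None
    # compare_digest accepts non-ASCII input only as bytes, hence encode().
    stored = user.password.encode('utf-8')
    supplied = password.encode('utf-8')
    if hmac.compare_digest(stored, supplied):
        return user
    return None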
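@app.route('/api/v1.0/login', methods=['POST'])
def login():
    """Authenticate a JSON ``{"username": ..., "password": ...}`` body.

    Returns 201 with ``{'accepted': 'success'}`` and starts a Flask-Login
    session on success. Responds 400 when the body is not a JSON object, a
    field is missing or not a string, or the credentials do not match; the
    original raised an unhandled exception (HTTP 500) for malformed bodies.

    NOTE(review): nothing here limits repeated attempts; consider
    throttling per account and per client address.
    """
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        abort(400)
    username = payload.get('username')
    password = payload.get('password')
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400)
    user = auth(username, password)
    if user is None:
        abort(400)
    login_user(user)
    return make_response(jsonify({'accepted': 'success'}), 201)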
@app.route('/api/v1.0/logged', methods=['GET'])
@login_required
@admin_only
def logged():
    """Admin-only probe endpoint.

    The decorators apply outermost first: @login_required rejects callers
    without a session before @admin_only inspects the user's role.
    """
    body = {'res': 'logged'}
    return jsonify(body)
@login_manager.user_loader
def load_user(user_id):
    """Flask-Login user loader: fetch the User whose ``id`` is ``user_id``.

    Returns None when no row matches.
    """
    matching = User.query.filter_by(id=user_id)
    return matching.first()
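# POST is accepted in addition to GET so clients can move off GET. Because
# GET changes state here, a cross-site request (for example an image tag)
# can end a user's session. Drop 'GET' once callers have migrated.
@app.route('/api/v1.0/logout', methods=['GET', 'POST'])
@login_required
def logout():
    """End the current Flask-Login session.

    Returns 201 with ``{'accepted': 'success'}``, unchanged from the
    original response.
    """
    logout_user()
    return make_response(jsonify({'accepted': 'success'}), 201)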
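if __name__ == '__main__':
    # Development entry point. Debug mode follows app.config['DEBUG']
    # instead of being forced on, so the Werkzeug debugger can be switched
    # off through configuration. No host is passed, so Flask's default
    # bind address applies.
    app.run(debug=app.config['DEBUG'], port=5001)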