added user profile endpoint

deb
androiddrew 7 years ago
parent a52d431e0d
commit 3ef15e7b48

@ -1,12 +1,13 @@
import datetime as dt import datetime as dt
from apistar import Component, Settings, http, Route, Include from apistar import Component, Settings, http, Route, Include, annotate
from apistar.interfaces import Auth
from apistar.backends.sqlalchemy_backend import Session from apistar.backends.sqlalchemy_backend import Session
from apistar_jwt.authentication import get_jwt from apistar_jwt.authentication import get_jwt, JWTAuthentication
from apistar_jwt.token import JWT from apistar_jwt.token import JWT
from apistar_mail import Message, Mail from apistar_mail import Message, Mail
from sqlalchemy.exc import IntegrityError, InvalidRequestError from sqlalchemy.exc import IntegrityError, InvalidRequestError
from sqlalchemy.orm.exc import NoResultFound
from cookie_api.models import User from cookie_api.models import User
@ -19,7 +20,16 @@ def login(settings: Settings, json_data: http.RequestData, session: Session):
user_id = json_data.get('email') user_id = json_data.get('email')
password = json_data.get('password') password = json_data.get('password')
user = session.query(User).filter_by(email=user_id).one() try:
user = session.query(User).filter_by(email=user_id).one()
except NoResultFound:
error = {
'status': 'fail',
'message': 'User does not exist'
}
return http.Response(error, status=400, headers={'WWW-Authenticate': 'Bearer'})
if not user.check_password(password): if not user.check_password(password):
error = {'error': 'Password auth failed'}, error = {'error': 'Password auth failed'},
return http.Response(error, status=401, headers={'WWW-Authenticate': 'Bearer'}) return http.Response(error, status=401, headers={'WWW-Authenticate': 'Bearer'})
@ -27,9 +37,9 @@ def login(settings: Settings, json_data: http.RequestData, session: Session):
secret = settings['JWT'].get('SECRET') secret = settings['JWT'].get('SECRET')
payload = { payload = {
'exp': dt.datetime.utcnow() + dt.timedelta(days=0, minutes=60), 'exp': dt.datetime.utcnow() + dt.timedelta(days=0, minutes=60), # Expiration date of the token
'iat': dt.datetime.utcnow(), 'iat': dt.datetime.utcnow(), # the time the token was generated
'sub': user.id 'sub': user.id # the subject of the token
} }
token = JWT.encode(payload, secret=secret) token = JWT.encode(payload, secret=secret)
@ -49,7 +59,7 @@ def logout():
# TODO Add user registration # TODO Add user registration
def register(json_data: http.RequestData, session: Session, mail:Mail): def register(json_data: http.RequestData, session: Session, mail: Mail):
user_id = json_data.get('email') user_id = json_data.get('email')
password = json_data.get('password') password = json_data.get('password')
@ -78,9 +88,14 @@ def register(json_data: http.RequestData, session: Session, mail:Mail):
return http.Response(message, status=200, headers=headers) return http.Response(message, status=200, headers=headers)
# TODO Add user profile endpoint @annotate(authentication=[JWTAuthentication()])
def user_profile(): def user_profile(auth: Auth, settings: Settings, session: Session):
pass token = JWT(token=auth.token, settings=settings)
user_id = token.payload.get('sub')
user = session.query(User).filter_by(id=user_id).one()
result = user.to_dict()
result.pop('password', None)
return result
# TODO Add email confirmation # TODO Add email confirmation
@ -95,7 +110,8 @@ def reset():
routes = [ routes = [
Route('/login', 'POST', login), Route('/login', 'POST', login),
Route('/register', 'POST', register) Route('/register', 'POST', register),
Route('/status', 'GET', user_profile)
] ]
auth_routes = [Include('/auth', routes)] auth_routes = [Include('/auth', routes)]
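Review bot: The new `except NoResultFound` branch in `login` answers an unknown e-mail with 400 and 'User does not exist', while a wrong password for a known e-mail gets 401 and 'Password auth failed', so the endpoint tells any caller which addresses are registered. Both failures should return the same status and body, for example `return http.Response({'error': 'Invalid credentials'}, status=401, headers={'WWW-Authenticate': 'Bearer'})` in both branches. The early return also skips `check_password`, so response time may still differ between the two cases; rate limiting on `/login` would reduce the value of that signal. `login` starts and continues outside the visible hunks.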
