Merge pull request #6 from sorrelbri/sj-auth

test authorization with user endpoint
This commit is contained in:
sorrelbri 2019-10-06 22:52:57 -07:00 committed by GitHub
commit 95f2c70c8f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 19 additions and 7 deletions

View file

@ -11,3 +11,7 @@ def api_home():
@api.route('/users') @api.route('/users')
def api_users(): def api_users():
return jsonify(UserEndpoint.users()) return jsonify(UserEndpoint.users())
@api.route('/user')
def api_user():
return jsonify(UserEndpoint.user())

View file

@ -1,7 +1,15 @@
from models.User import User, user_schema, users_schema from models.User import User, user_schema, users_schema
from flask import request, jsonify, Response, json
class UserEndpoint(object): class UserEndpoint(object):
def users(): def users():
user = User.query.all() users = User.query.all()
response = users_schema.dumps(user) response = users_schema.dumps(users)
return response
def user():
auth_header = request.headers.get('Authorization') or None
auth_token = auth_header.split(" ")[1]
user = User.decode_auth_token(auth_token) or None
response = json.dumps(user)
return response return response

View file

@ -23,7 +23,7 @@ def auth_signup():
response = { response = {
'status': 'success', 'status': 'success',
'message': 'Succesfully registered.', 'message': 'Succesfully registered.',
'auth_token': auth_token.decode() 'token': auth_token.decode()
} }
return jsonify(response), 201 return jsonify(response), 201
except Exception as e: except Exception as e:
@ -60,7 +60,7 @@ def auth_login():
response = { response = {
'status': 'success', 'status': 'success',
'message': 'Successfully logged in.', 'message': 'Successfully logged in.',
'auth_token': auth_token.decode() 'token': auth_token.decode()
} }
return jsonify(response), 200 return jsonify(response), 200
except Exception as e: except Exception as e:

View file

@ -80,9 +80,9 @@ class User(db.Model):
""" """
try: try:
payload = { payload = {
'exp': datetime.datetime.utcnow() + datetime.timedelta(days=0, seconds=5), 'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=4),
'iat': datetime.datetime.utcnow(), 'iat': datetime.datetime.utcnow(),
'sub': user_id 'user': user_schema.dumps(self)
} }
return jwt.encode( return jwt.encode(
payload, payload,
@ -101,7 +101,7 @@ class User(db.Model):
""" """
try: try:
payload = jwt.decode(auth_token, os.environ.get('SECRET_KEY')) payload = jwt.decode(auth_token, os.environ.get('SECRET_KEY'))
return payload['sub'] return payload['user']
except jwt.ExpiredSignatureError: except jwt.ExpiredSignatureError:
return 'Signature expired. Please log in again.' return 'Signature expired. Please log in again.'
except jwt.InvalidTokenError: except jwt.InvalidTokenError: