restructure account app layout

2024-11-22 17:10:29 +01:00 · 2019-07-09 15:45:43 +02:00 · 2019-07-09 15:45:43 +02:00 · c8c59eadca
commit c8c59eadca
parent 7b4b799a6d
4 changed files with 71 additions and 67 deletions
--- a/accounts/accounts/init.py
+++ b/accounts/accounts/init.py
@ -1,70 +1,5 @@
-from datetime import datetime, timedelta
+from flask import Flask
 from os import environ
 import base64
 from flask import Flask, jsonify, render_template, make_response, request
 from flask_cors import cross_origin
 from passlib.hash import bcrypt
 import jwt
 app = Flask(__name__)
-
+import accounts.views
@app.route("/")
 def home():
    return render_template("index.html")
@app.route("/api/login", methods=["POST"])
@cross_origin(origins=[environ.get("CORS_ORIGIN", "*")], supports_credentials=True)
 def post_login():
    credentials = request.get_json(force=True)
    if credentials["username"] != environ.get("USER", "offen"):
        return jsonify({"error": "bad username", "status": 401}), 401
    hashed_password = base64.standard_b64decode(environ.get("HASHED_PASSWORD", ""))
    if not bcrypt.verify(credentials["password"], hashed_password):
        return jsonify({"error": "bad password", "status": 401}), 401
    private_key = environ.get("JWT_PRIVATE_KEY", "")
    expiry = datetime.utcnow() + timedelta(hours=24)
    try:
        encoded = jwt.encode(
            {"ok": True, "exp": expiry}, private_key.encode(), algorithm="RS256"
        ).decode("utf-8")
    except jwt.exceptions.PyJWTError as encode_error:
        return jsonify({"error": str(encode_error), "status": 500}), 500
    resp = make_response(jsonify({"ok": True}))
    resp.set_cookie(
        "auth",
        encoded,
        httponly=True,
        expires=expiry,
        path="/",
        domain=environ.get("COOKIE_DOMAIN"),
        samesite="strict"
    )
    return resp
@app.route("/api/login", methods=["GET"])
@cross_origin(origins=[environ.get("CORS_ORIGIN", "*")], supports_credentials=True)
 def get_login():
    auth_cookie = request.cookies.get("auth")
    public_key = environ.get("JWT_PUBLIC_KEY", "")
    try:
        jwt.decode(auth_cookie, public_key)
    except jwt.exceptions.PyJWTError as unauthorized_error:
        return jsonify({"error": str(unauthorized_error), "status": 401}), 401
    return jsonify({"ok": True})
 # This route is not supposed to be called by client-side applications, so
 # no CORS configuration is added
@app.route("/api/key", methods=["GET"])
 def key():
    public_key = environ.get("JWT_PUBLIC_KEY", "").strip()
    return jsonify({"key": public_key})
--- a/accounts/accounts/views.py
+++ b/accounts/accounts/views.py
@ -0,0 +1,69 @@
 from datetime import datetime, timedelta
 from os import environ
 import base64
 from flask import jsonify, render_template, make_response, request
 from flask_cors import cross_origin
 from passlib.hash import bcrypt
 import jwt
 from accounts import app
@app.route("/")
 def home():
    return render_template("index.html")
@app.route("/api/login", methods=["POST"])
@cross_origin(origins=[environ.get("CORS_ORIGIN", "*")], supports_credentials=True)
 def post_login():
    credentials = request.get_json(force=True)
    if credentials["username"] != environ.get("USER", "offen"):
        return jsonify({"error": "bad username", "status": 401}), 401
    hashed_password = base64.standard_b64decode(environ.get("HASHED_PASSWORD", ""))
    if not bcrypt.verify(credentials["password"], hashed_password):
        return jsonify({"error": "bad password", "status": 401}), 401
    private_key = environ.get("JWT_PRIVATE_KEY", "")
    expiry = datetime.utcnow() + timedelta(hours=24)
    try:
        encoded = jwt.encode(
            {"ok": True, "exp": expiry}, private_key.encode(), algorithm="RS256"
        ).decode("utf-8")
    except jwt.exceptions.PyJWTError as encode_error:
        return jsonify({"error": str(encode_error), "status": 500}), 500
    resp = make_response(jsonify({"ok": True}))
    resp.set_cookie(
        "auth",
        encoded,
        httponly=True,
        expires=expiry,
        path="/",
        domain=environ.get("COOKIE_DOMAIN"),
        samesite="strict"
    )
    return resp
@app.route("/api/login", methods=["GET"])
@cross_origin(origins=[environ.get("CORS_ORIGIN", "*")], supports_credentials=True)
 def get_login():
    auth_cookie = request.cookies.get("auth")
    public_key = environ.get("JWT_PUBLIC_KEY", "")
    try:
        jwt.decode(auth_cookie, public_key)
    except jwt.exceptions.PyJWTError as unauthorized_error:
        return jsonify({"error": str(unauthorized_error), "status": 401}), 401
    return jsonify({"ok": True})
 # This route is not supposed to be called by client-side applications, so
 # no CORS configuration is added
@app.route("/api/key", methods=["GET"])
 def key():
    public_key = environ.get("JWT_PUBLIC_KEY", "").strip()
    return jsonify({"key": public_key})
--- a/accounts/accounts/tests/init.py
+++ b/accounts/accounts/tests/init.py
--- a/accounts/accounts/tests/test_jwt.py
+++ b/accounts/accounts/tests/test_jwt.py