import datetime
import hashlib
import hmac
import md5
import os
import re
import uuid
from functools import wraps

import jwt
from flask import Flask, request, jsonify, render_template, redirect, url_for, abort

from user_model import UserModel
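app = Flask(__name__)
# The JWT signing key must not be a constant in source control: anyone who can
# read the repository could sign tokens that the jwt.decode() calls in this
# file accept. Read it from the environment instead. When SECRET_KEY is unset,
# use a random per-process key: tokens then stop validating after a restart
# (and across multiple workers), which fails closed rather than open.
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY') or os.urandom(32)
# '0.0.0.0' makes the server listen on every network interface of the host.
domain = '0.0.0.0'
port = 8001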
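def token_required(f):
    """Decorator: call the view with the user record if that user has a valid token.

    The phone number is taken from the ``data`` URL argument, or from the
    ``phone`` field of the JSON body when the URL argument is empty. The
    wrapped view is called as ``f(current_user)``; on any failure a JSON
    ``message`` is returned instead.
    """
    @wraps(f)
    def wrapper(*args, **kwargs):
        # NOTE(review): the token checked below is the one stored server-side
        # for this phone number; the caller never presents it. The check only
        # shows that the account has an unexpired token, not that the caller
        # owns the account. Binding the request to the caller needs the token
        # to arrive with the request (as verify_token does) and its 'phone'
        # claim compared with the requested phone; that is a change to the
        # login/redirect flow, not to this decorator alone.
        phone = kwargs.get('data')
        if not phone:
            # get_json(silent=True) yields None for GET requests and for
            # non-JSON bodies instead of raising.
            body = request.get_json(silent=True)
            phone = body.get('phone') if isinstance(body, dict) else None

        user = UserModel().get(phone) if phone else None
        # Unknown user, or a user who never logged in: nothing to validate.
        token = user['access_token'] if user and 'access_token' in user else None
        if not token:
            return jsonify({'message': 'a valid token is missing'})

        try:
            # Pin the algorithm so the token header cannot choose how the
            # signature is verified; login_user signs with HS256.
            data = jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256'])
            current_user = UserModel().get(data['phone'])
        except Exception:
            # Expired, malformed or wrongly signed token, or a payload
            # without a 'phone' claim.
            return jsonify({'message': 'token is invalid'})

        if not current_user:
            # The token names a user that no longer exists.
            return jsonify({'message': 'token is invalid'})
        return f(current_user)
    return wrapper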
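def verify_token(f):
    """Decorator: call the view only if the JSON body carries a valid token.

    The token is read from the ``token`` field of the request's JSON body and
    verified against the application's SECRET_KEY. The wrapped view is called
    with no arguments; on failure a JSON ``message`` is returned instead.
    """
    @wraps(f)
    def wrapper(*args, **kwargs):
        # get_json(silent=True) yields None for requests without a JSON body
        # (e.g. a plain GET) instead of raising.
        body = request.get_json(silent=True)
        token = body.get('token') if isinstance(body, dict) else None
        if not token:
            return jsonify({'message': 'a valid token is missing'})

        try:
            # Pin the algorithm so the token header cannot choose how the
            # signature is verified; login_user signs with HS256.
            jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256'])
        except Exception:
            # Expired, malformed or wrongly signed token.
            return jsonify({'message': 'token is invalid'})
        return f()
    return wrapper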
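@app.route('/register', methods=['POST'])
def register():
    """Create a user from the ``phone`` and ``password`` JSON fields.

    Called directly by clients. On success the user record is stored under
    the phone number and the client is redirected to ``get_user``; on failure
    a JSON ``error`` is returned.
    """
    body = request.get_json(silent=True)
    if not isinstance(body, dict):
        body = {}
    raw_phone = body.get('phone')
    raw_password = body.get('password')
    # Check the raw values first: str(None) is the non-empty string 'None',
    # so validating after the conversion would accept a missing field.
    if not raw_phone or not raw_password:
        return jsonify({'error':'phone/password error'})
    phone = str(raw_phone)
    password = str(raw_password)

    if not __check_phone_number(phone):
        return jsonify({'error':'phone number error'})

    user_model_obj = UserModel()
    # Refuse to overwrite an existing account: without this check any client
    # could replace the stored password of a phone number it does not own.
    if user_model_obj.get(phone):
        return jsonify({'error':'phone number error'})

    # NOTE(review): unsalted MD5 is fast to brute-force and unsuitable for
    # password storage. Moving to a salted KDF (e.g. hashlib.pbkdf2_hmac) has
    # to be done together with verify_password and a migration of the stored
    # hashes, so the digest is left as it was here.
    hashed_password = md5.md5(password).hexdigest()

    new_user = {
        'phone': phone,
        'password': hashed_password,
        'openid': str(uuid.uuid4()),
    }
    user_model_obj.set(phone, new_user)
    return redirect(url_for('get_user', id=phone))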
@app.route('/user/<int:id>')
def get_user(id):
    """Return the phone number of the user stored under *id*.

    Reached through the redirect issued by ``register`` rather than called
    directly. Responds with a JSON ``error`` when no record is found.
    """
    # NOTE(review): the route converts the id to an int while register stores
    # the record under a str phone number, and an int cannot keep a leading
    # zero. Confirm that UserModel.get treats both key forms alike.
    record = UserModel().get(id)
    if record:
        return jsonify({'phone': record['phone']})
    return jsonify({'error':'user error'})
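@app.route('/login', methods=['POST'])
def login_user():
    """Check the ``phone``/``password`` JSON fields and issue an access token.

    Called directly by clients. A still-valid stored token is reused;
    otherwise a new one valid for 30 minutes is signed. The token is saved on
    the user record and the client is redirected to ``get_profile``. On
    failure a JSON ``error`` is returned.
    """
    body = request.get_json(silent=True)
    if not isinstance(body, dict):
        body = {}
    raw_phone = body.get('phone')
    raw_password = body.get('password')
    # Check the raw values: str(None) is 'None', never None, so the test has
    # to run before the conversion. The response must also be returned.
    if raw_phone is None or raw_password is None:
        return jsonify({"error":"Enter Phone Number and Password "})
    phone = str(raw_phone)
    password = str(raw_password)

    user_model_obj = UserModel()
    user = user_model_obj.get(phone)
    # One message for "no such user" and "wrong password", so the response
    # does not reveal which phone numbers are registered.
    if not user or not verify_password(user['password'], password):
        return jsonify({"error":"Phone Number and/or Password is incorrect"})

    token = None
    if 'access_token' in user:
        try:
            # Reuse the stored token only while it still verifies; the
            # algorithm is pinned to the one used for signing below.
            jwt.decode(user['access_token'], app.config['SECRET_KEY'], algorithms=['HS256'])
            token = user['access_token']
        except Exception:
            token = None
    if token is None:
        expires_at = datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
        token = jwt.encode(
            {'phone': user['phone'], 'exp': expires_at},
            app.config['SECRET_KEY'],
            algorithm='HS256',
        )

    user['access_token'] = token
    user_model_obj.set(user['phone'], user)
    # NOTE(review): the redirect target is keyed by phone number only; see
    # token_required, which validates the stored token rather than one the
    # client presents.
    return redirect(url_for('get_profile', data=phone))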
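@app.route('/api/profile/<data>', methods=['GET', 'POST'])
@token_required
def get_profile(current_user):
    """Return the authenticated user's record as JSON.

    Reached through the redirect issued by ``login_user`` rather than called
    directly. ``current_user`` is the record supplied by ``token_required``.
    """
    # Never send the stored password hash to the client. The access token
    # stays in the response: presumably this is where the client obtains it
    # after login (nothing else in this file returns it).
    # Assumes the record is a dict, as login_user's use of it suggests.
    visible = {key: value for key, value in current_user.items() if key != 'password'}
    return jsonify({'current_user': visible})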
@app.route('/api/data/', methods=['GET', 'POST'])
@verify_token
def get_data():
    """Return a fixed JSON payload; called directly with a valid token."""
    payload = {'data': 'data'}
    return jsonify(payload)
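@app.route('/users', methods=['GET'])
def get_all_users():
    """Return one ``{phone: record}`` entry per stored user as JSON.

    Called directly by clients.
    """
    # NOTE(review): this route has no authentication decorator, so every
    # client can list all registered phone numbers. Confirm that is intended.
    user_model_obj = UserModel()
    result = []
    for phone in user_model_obj.keys():
        record = user_model_obj.get(phone) or {}
        # Strip the password hash and the live access token: with them in the
        # response any caller could replay another user's token or attack the
        # hashes offline. Assumes records are dicts, as elsewhere in the file.
        public = {
            key: value for key, value in record.items()
            if key not in ('password', 'access_token')
        }
        # A fresh dict per user; sharing one dict across iterations made every
        # list element the same object holding all users.
        result.append({phone: public})
    return jsonify({'users': result})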
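def __check_phone_number(phone):
    """Return True if *phone* is entirely one of the accepted number formats.

    Accepted: '0' followed by a 2-3 digit prefix and 7-8 digits, or an
    11-digit number starting with 1 and a second digit of 2-9.
    """
    # Every alternative is anchored at both ends. Without the end anchor on
    # the last alternative, '147' + 8 digits followed by arbitrary text was
    # accepted and then used as a storage key. \Z (rather than $) also
    # rejects a trailing newline.
    pattern = re.compile(r'^(?:0\d{2,3}\d{7,8}|1[23456789]\d{9}|147\d{8})\Z')
    return pattern.match(str(phone)) is not None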
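def verify_password(user_pass, password):
    """Return True if *password* hashes to the stored digest *user_pass*.

    *user_pass* is the hex MD5 digest saved by ``register``; *password* is the
    candidate plaintext. Returns False for a mismatch and for values that are
    not strings.
    """
    # NOTE(review): unsalted MD5 is kept only so existing stored hashes still
    # verify. It is unsuitable for password storage; migrate to a salted KDF
    # (e.g. hashlib.pbkdf2_hmac) together with register.
    def _as_bytes(value):
        return value if isinstance(value, bytes) else value.encode('utf-8')

    try:
        stored = _as_bytes(user_pass)
        candidate = hashlib.md5(_as_bytes(password)).hexdigest().encode('ascii')
    except AttributeError:
        # None or another non-string value can never match.
        return False
    # Constant-time comparison: the time taken does not depend on how many
    # leading characters of the two digests agree.
    return hmac.compare_digest(stored, candidate)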
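if __name__ == '__main__':
    # Start the server only when this file is run as a script, not on import.
    # Debug mode enables the interactive debugger, which lets anyone who can
    # reach the port execute code on the host; with host '0.0.0.0' that is
    # every network the machine is attached to. Keep it off unless
    # FLASK_DEBUG=1 is set explicitly for local development.
    app.run(host=domain, port=port, debug=os.environ.get('FLASK_DEBUG') == '1')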