from flask import Flask, request, jsonify
import jwt
import requests
from config import SECRET_KEY, HOST, ACUNETIX_API_KEY
import Acunetix
# Headers attached to every request this service sends to the Acunetix API.
# X-Auth carries the service-wide API key, so this dict should never be
# logged or echoed back to a client.
headers = {
    "X-Auth": ACUNETIX_API_KEY,
    "content-type": "application/json",
}

app = Flask(__name__)
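def verify_token(token):
    """Validate an HS256-signed JWT and return its ``user_id`` claim.

    Args:
        token: The token string exactly as the caller read it. It is handed
            to ``jwt.decode`` unchanged; no ``Bearer `` prefix is stripped.

    Returns:
        The value of the ``user_id`` claim, or ``None`` when the token is
        expired, fails validation, or has no ``user_id`` claim.
    """
    try:
        # The explicit algorithm list keeps the token's own header from
        # selecting how its signature is checked.
        # NOTE(review): expiry is only enforced when the token carries an
        # ``exp`` claim; if every issued token is meant to expire, consider
        # options={"require": ["exp"]} - confirm against the token issuer.
        payload = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        # ExpiredSignatureError is a subclass of InvalidTokenError, so this
        # single handler covers both the expired and the malformed case.
        return None
    # A correctly signed token without ``user_id`` is rejected here instead
    # of raising KeyError and surfacing as a 500 to the client.
    return payload.get('user_id')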
@app.route('/api/start', methods=['POST'])
def start():
    """Answer POST /api/start with a greeting for callers holding a valid token.

    Returns:
        A JSON body plus 401 when the ``Authorization`` header is absent or
        ``verify_token`` yields a falsy user id; otherwise the greeting JSON
        with Flask's default status.
    """
    auth_value = request.headers.get('Authorization')
    if auth_value:
        # The header value goes to verify_token as-is; a falsy result means
        # the token was rejected.
        if verify_token(auth_value):
            return jsonify({"response": "Hello! This is a response from the /api/start endpoint."})
        return jsonify({"response": "Invalid or expired token."}), 401
    return jsonify({"response": "Missing token."}), 401
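@app.route('/api/acunetix/<path:forward_part>', methods=['GET', 'POST'])
def acunetix(forward_part):
    """Forward an authenticated GET or POST to the Acunetix API under ``/api/v1/``.

    The outbound request is sent with the module-level ``headers`` (the
    service's own ``X-Auth`` API key), not with the caller's credentials.

    Args:
        forward_part: Path captured after ``/api/acunetix/``; appended to
            ``{HOST}/api/v1/``.

    Returns:
        401 when the token is missing or rejected, 400 when the path contains
        a ``..`` segment, 502 when the upstream cannot be reached or answers
        with a non-JSON body, otherwise the upstream JSON and status code.
    """
    token = request.headers.get('Authorization')
    if not token:
        return jsonify({"response": "Missing token."}), 401

    user_id = verify_token(token)
    if not user_id:
        return jsonify({"response": "Invalid or expired token."}), 401
    # NOTE(review): user_id is only checked for truthiness. Every caller with
    # a valid token can reach any /api/v1/ path with the full privileges of
    # ACUNETIX_API_KEY; add a per-user or per-path allowlist if that is wider
    # than intended.

    # Refuse parent-directory segments so the forwarded path cannot be
    # normalised to somewhere outside the /api/v1/ prefix.
    if '..' in forward_part.split('/'):
        return jsonify({"response": "Invalid path."}), 400

    url = f"{HOST}/api/v1/{forward_part}"
    is_post = request.method == 'POST'
    # Read the body before the try block so Flask's own 4xx errors for a bad
    # request body are not reported as an upstream failure.
    body = request.json if is_post else None

    # NOTE(review): verify=False turns off certificate validation on the
    # connection that carries the X-Auth API key, so an on-path party between
    # this service and HOST can read it. Prefer verify="<path to CA bundle>".
    # Left unchanged because HOST presumably uses a self-signed certificate -
    # confirm and pin that certificate instead.
    try:
        # The timeout keeps a hung upstream from holding a worker forever.
        if is_post:
            response = requests.post(url, headers=headers, json=body, verify=False, timeout=30)
        else:  # GET request
            response = requests.get(url, headers=headers, params=request.args, verify=False, timeout=30)
    except requests.RequestException:
        # No exception text in the reply: it can include the upstream URL.
        return jsonify({"response": "Upstream request failed."}), 502

    # Empty bodies would make response.json() raise; pass the status through
    # on its own.
    if not response.content:
        return '', response.status_code
    try:
        upstream_json = response.json()
    except ValueError:
        return jsonify({"response": "Upstream returned a non-JSON response."}), 502
    return jsonify(upstream_json), response.status_code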
if __name__ == "__main__":
    # Binds to every interface on port 5000 using Flask's built-in server,
    # which speaks plain HTTP: Authorization tokens travel unencrypted unless
    # a TLS-terminating proxy sits in front of this process.
    app.run(port=5000, host="0.0.0.0")