app.py
import hmac
import os

from flask import Flask, jsonify, request
from flask_cors import CORS
from flask_jwt_simple import (
    JWTManager, jwt_required, create_jwt, get_jwt_identity
)
'''
const user1 = {
id : 1,
name : 'John',
surname : 'Doe',
email : 'demo@appseed.us',
password : 'demo'
};
const user2 = {
id : 2,
name : 'George',
surname : 'Clooney',
email : 'demo2@appseed.us',
password : 'demo'
};
'''
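# Demo accounts for this mock API. The passwords are kept in clear text, which
# is only tolerable for throwaway fixtures; real credentials belong in a user
# store that keeps salted password hashes.
user1 = {'id': 1, 'name': 'John', 'surname': 'Doe', 'email': 'demo@appseed.us', 'password': 'demo'}
user2 = {'id': 2, 'name': 'George', 'surname': 'Clooney', 'email': 'demo2@appseed.us', 'password': 'demo'}

# Lookup table keyed by e-mail address, which login() treats as the username.
Users = {
    'demo@appseed.us': user1,
    'demo2@appseed.us': user2,
}

app = Flask(__name__)

# NOTE(review): CORS(app) without arguments applies the extension's defaults,
# which allow cross-origin requests from any origin on every route. Restrict
# the allowed origins before exposing this beyond a local demo.
CORS(app)

# Setup the Flask-JWT-Simple extension.
# The signing key is taken from the JWT_SECRET_KEY environment variable so a
# deployment never has to ship a key in source control. The fallback is the
# published demo value: anyone who knows it can mint tokens this app accepts,
# so always set the variable outside local experiments.
app.config['JWT_SECRET_KEY'] = os.environ.get('JWT_SECRET_KEY', 'super-secret')
jwt = JWTManager(app)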
# Provide a method to create access tokens. The create_jwt()
# function is used to actually generate the token
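@app.route('/api/users/login', methods=['POST', 'OPTIONS'])
def login():
    """Authenticate a demo user and return the profile with a fresh JWT.

    Expects a JSON body shaped like
    ``{"user": {"email": ..., "password": ...}}``.

    Returns:
        ``({'user': {...}}, 200)`` on success, where the profile carries a
        ``token`` field and no ``password`` field; otherwise
        ``({'errors': {...}}, 400)`` whose single key is ``general``,
        ``email`` or ``password``.
    """
    # silent=True turns an unparsable or non-JSON body into None instead of
    # an exception, so the key lookups below reject it as a format error.
    params = request.get_json(silent=True)
    try:
        username = params['user']['email']
        password = params['user']['password']
    except (KeyError, TypeError):
        # Missing keys, or a body / 'user' value that is not an object.
        return jsonify({'errors': {'general': 'Format error '}}), 400

    # JSON can deliver lists or objects here; those are unhashable and would
    # crash the dictionary lookup, so anything but a string is an unknown user.
    # NOTE(review): separate messages for "unknown e-mail" and "wrong password"
    # reveal which addresses are registered. Kept as-is because clients may key
    # on errors.email / errors.password; consider one generic failure message.
    if not isinstance(username, str) or username not in Users:
        return jsonify({'errors': {'email': 'User or email doesn\'t exist'}}), 400

    user = Users[username]  # aka email

    # Compare as bytes in constant time: compare_digest rejects non-ASCII str
    # input and a plain != can leak how many leading characters matched.
    password_ok = (
        isinstance(password, str)
        and bool(password)
        and hmac.compare_digest(password.encode('utf-8'),
                                user['password'].encode('utf-8'))
    )
    if not password_ok:
        return jsonify({'errors': {'password': 'Password is invalid'}}), 400

    # Build the response from a copy: the shared record in Users must not
    # accumulate tokens, and the stored password must never be sent back.
    profile = {key: value for key, value in user.items() if key != 'password'}
    profile['token'] = create_jwt(identity=username)

    # All good, return response
    return jsonify({'user': profile}), 200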
# Protect a view with jwt_required, which requires a valid jwt
# to be present in the headers.
@app.route('/protected', methods=['GET'])
@jwt_required
def protected():
    """Report the identity carried by the caller's JWT.

    The view is wrapped in ``jwt_required``, so a valid JWT must be present
    in the request headers before this body runs.
    """
    # get_jwt_identity() yields the identity of the current user.
    identity = get_jwt_identity()
    payload = {'hello_from': identity}
    return jsonify(payload), 200
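if __name__ == '__main__':
    # Debug mode enables Werkzeug's interactive debugger, which can run code
    # in the server process. Together with a listener on every interface
    # (0.0.0.0) that is reachable by anyone on the network, so debug is now
    # opt-in through FLASK_DEBUG and stays off by default.
    debug_enabled = os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true')
    app.run(host='0.0.0.0', debug=debug_enabled)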