Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
C
CS123-Canteeneo
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Willard Torres
CS123-Canteeneo
Commits
131d457f
Commit
131d457f
authored
Oct 25, 2016
by
Willard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add token authentication, fix wrong name in model
parent
2f13df5a
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
36 additions
and
10 deletions
+36
-10
api.py
canteeneo/api.py
+16
-7
models.py
canteeneo/models.py
+20
-3
No files found.
canteeneo/api.py
View file @
131d457f
from
canteeneo
import
app
,
db
,
auth
from
canteeneo
import
app
,
db
,
auth
from
flask
import
jsonify
,
request
from
flask
import
jsonify
,
request
,
g
from
models
import
Dish
,
Stall
,
Location
,
User
from
models
import
Dish
,
Stall
,
Location
,
User
from
datetime
import
datetime
from
datetime
import
datetime
...
@@ -44,18 +44,18 @@ def search():
...
@@ -44,18 +44,18 @@ def search():
@
app
.
route
(
'/api/users/new'
,
methods
=
[
"POST"
])
@
app
.
route
(
'/api/users/new'
,
methods
=
[
"POST"
])
def
new_user
():
def
new_user
():
name
=
request
.
form
[
'
name'
]
username
=
request
.
form
[
'user
name'
]
email
=
request
.
form
[
'email'
]
email
=
request
.
form
[
'email'
]
password
=
request
.
form
[
'password'
]
password
=
request
.
form
[
'password'
]
user
=
User
.
query
.
filter_by
(
name
=
name
)
.
first
()
user
=
User
.
query
.
filter_by
(
username
=
user
name
)
.
first
()
if
user
is
not
None
:
if
user
is
not
None
:
return
'Username is alreadye taken!'
return
'Username is alreadye taken!'
user
=
User
.
query
.
filter_by
(
email
=
email
)
.
first
()
user
=
User
.
query
.
filter_by
(
email
=
email
)
.
first
()
if
user
is
not
None
:
if
user
is
not
None
:
return
'Email address is already taken!'
return
'Email address is already taken!'
user
=
User
(
name
,
email
,
password
)
user
=
User
(
user
name
,
email
,
password
)
db
.
session
.
add
(
user
)
db
.
session
.
add
(
user
)
db
.
session
.
commit
()
db
.
session
.
commit
()
...
@@ -63,10 +63,19 @@ def new_user():
...
@@ -63,10 +63,19 @@ def new_user():
@
auth
.
verify_password
@
auth
.
verify_password
def
verify_password
(
username
,
password
):
def
verify_password
(
username
,
password
):
user
=
User
.
query
.
filter_by
()
user
=
User
.
verify_token
(
username
)
pass
print
(
user
)
if
user
is
None
:
user
=
User
.
query
.
filter_by
(
username
=
username
)
.
first
()
print
(
user
)
if
user
is
None
or
not
user
.
check_password
(
password
):
return
False
print
(
user
)
g
.
user
=
user
return
True
@
app
.
route
(
'/api/token'
)
@
app
.
route
(
'/api/token'
)
@
auth
.
login_required
@
auth
.
login_required
def
get_auth_token
():
def
get_auth_token
():
pass
token
=
g
.
user
.
generate_token
()
return
jsonify
({
'token'
:
token
.
decode
(
'ascii'
),
'duration'
:
600
})
canteeneo/models.py
View file @
131d457f
from
canteeneo
import
db
from
canteeneo
import
app
,
db
from
werkzeug.security
import
generate_password_hash
,
check_password_hash
from
werkzeug.security
import
generate_password_hash
,
check_password_hash
from
itsdangerous
import
TimedJSONWebSignatureSerializer
as
Serializer
,
BadSignature
,
SignatureExpired
dish_favorites
=
db
.
Table
(
'dish_favorites'
,
dish_favorites
=
db
.
Table
(
'dish_favorites'
,
db
.
Column
(
'dish_id'
,
db
.
Integer
,
db
.
ForeignKey
(
'dish.id'
)),
db
.
Column
(
'dish_id'
,
db
.
Integer
,
db
.
ForeignKey
(
'dish.id'
)),
...
@@ -94,8 +95,8 @@ class User(db.Model):
...
@@ -94,8 +95,8 @@ class User(db.Model):
dish_reviews
=
db
.
relationship
(
'DishReview'
,
backref
=
'user'
,
lazy
=
'dynamic'
)
dish_reviews
=
db
.
relationship
(
'DishReview'
,
backref
=
'user'
,
lazy
=
'dynamic'
)
stall_reviews
=
db
.
relationship
(
'StallReview'
,
backref
=
'user'
,
lazy
=
'dynamic'
)
stall_reviews
=
db
.
relationship
(
'StallReview'
,
backref
=
'user'
,
lazy
=
'dynamic'
)
def
__init__
(
self
,
name
,
email
,
password
):
def
__init__
(
self
,
user
name
,
email
,
password
):
self
.
name
=
name
self
.
username
=
user
name
self
.
email
=
email
self
.
email
=
email
self
.
set_password
(
password
)
self
.
set_password
(
password
)
...
@@ -105,6 +106,22 @@ class User(db.Model):
...
@@ -105,6 +106,22 @@ class User(db.Model):
def
check_password
(
self
,
password
):
def
check_password
(
self
,
password
):
return
check_password_hash
(
self
.
password
,
password
)
return
check_password_hash
(
self
.
password
,
password
)
def
generate_token
(
self
):
s
=
Serializer
(
app
.
config
[
'SECRET_KEY'
],
expires_in
=
600
)
return
s
.
dumps
({
'id'
:
self
.
id
})
@
staticmethod
def
verify_token
(
token
):
s
=
Serializer
(
app
.
config
[
'SECRET_KEY'
])
try
:
data
=
s
.
loads
(
token
)
except
SignatureExpired
:
return
None
except
BadSignature
:
return
None
user
=
User
.
query
.
get
(
data
[
'id'
])
return
user
class
DishReview
(
db
.
Model
):
class
DishReview
(
db
.
Model
):
id
=
db
.
Column
(
db
.
Integer
,
primary_key
=
True
)
id
=
db
.
Column
(
db
.
Integer
,
primary_key
=
True
)
title
=
db
.
Column
(
db
.
String
(
80
))
title
=
db
.
Column
(
db
.
String
(
80
))
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment