import datetime
import os
import uuid
from functools import wraps

import jwt
from flask import Flask, request, jsonify, make_response
from flask_sqlalchemy import SQLAlchemy
from werkzeug.security import generate_password_hash, check_password_hash
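app = Flask(__name__)
# JWT signing key. A key committed to source control is effectively public:
# anyone who reads the repository can mint tokens for any public_id. Read it
# from the environment in deployment; the literal is kept only as a fallback
# so the app still starts unchanged for local use.
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY', 'sua_chave_conexao')
# Absolute SQLite path (NOTE(review): the literal has five slashes after
# 'sqlite:'; the canonical absolute form is 'sqlite:////abs/path' -- confirm
# it resolves as intended). Overridable so the file path is not baked in.
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get(
    'SQLALCHEMY_DATABASE_URI', 'sqlite://///home/jgfilho/diretorio_seu_db')
db = SQLAlchemy(app)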
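class User(db.Model):
    """Account row.

    ``public_id`` (a uuid4 string, not the integer primary key) is what the
    login route puts into the JWT, so tokens do not expose sequential ids.
    ``password`` holds the werkzeug hash string, never the plaintext.
    """
    id = db.Column(db.Integer, primary_key=True)
    public_id = db.Column(db.String(50), unique=True)   # str(uuid.uuid4()), 36 chars
    name = db.Column(db.String(50))                      # login name; not declared unique here
    # Output of generate_password_hash(). Widened from 80 so pbkdf2/scrypt
    # hashes (100+ characters) are not truncated on a backend that enforces
    # VARCHAR length; SQLite does not enforce it either way.
    password = db.Column(db.String(255))
    admin = db.Column(db.Boolean)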
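# Bootstrap endpoint for creating a user.
# WARNING: this route is unauthenticated and every user it creates is an
# admin, so anyone who can reach it owns the API. As the original author
# noted, remove it (or insert the first user directly in the database) once
# the initial account exists.
@app.route('/user', methods=['POST'])
def create_user():
    """Create an admin user from a JSON body ``{"name": ..., "password": ...}``.

    Responds 400 when the body is not JSON or a field is missing (instead of
    a 500 from a KeyError), and 409 when the name is already taken, since
    ``login`` resolves a name with ``first()`` and a duplicate would make the
    second account unreachable. The password is stored as a salted,
    iterated pbkdf2:sha256 hash: the bare ``'sha256'`` method is a single
    round with no work factor and was removed in Werkzeug 3.
    """
    data = request.get_json(silent=True)
    if not isinstance(data, dict):
        return jsonify({'message': 'JSON body required!'}), 400
    name = data.get('name')
    password = data.get('password')
    if not name or not password:
        return jsonify({'message': 'name and password are required!'}), 400
    if User.query.filter_by(name=name).first() is not None:
        return jsonify({'message': 'User already exists!'}), 409
    hashed_password = generate_password_hash(password, method='pbkdf2:sha256')
    new_user = User(public_id=str(uuid.uuid4()),
                    name=name, password=hashed_password, admin=True)
    db.session.add(new_user)
    db.session.commit()
    return jsonify({'message': 'New user created!'})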
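# Decorator that protects a view with the JWT issued by /login.
def token_required(f):
    """Require a valid JWT in the ``x-access-token`` header.

    On success the resolved ``User`` is passed to the wrapped view as its
    first positional argument. Responds 401 when the header is absent, when
    the token fails signature or expiry checks, or when its ``public_id`` no
    longer matches a row -- a deleted user's still-unexpired token must not
    reach the view as ``current_user=None`` (the original did that, and the
    view then raised on ``.admin``).
    """
    @wraps(f)
    def decorated(*args, **kwargs):
        token = request.headers.get('x-access-token')
        if not token:
            return jsonify({'message': 'Token is missing!'}), 401
        try:
            # Pin the accepted algorithm. With PyJWT < 2 an unset
            # `algorithms` lets the token pick its own (including 'none');
            # with PyJWT >= 2 it raises, so every request would be rejected.
            data = jwt.decode(token, app.config['SECRET_KEY'],
                              algorithms=['HS256'])
            public_id = data['public_id']
        except (jwt.InvalidTokenError, KeyError, TypeError):
            # Narrowed from a bare `except:` so database errors and
            # KeyboardInterrupt are no longer reported as a bad token.
            return jsonify({'message': 'Token is invalid!'}), 401
        current_user = User.query.filter_by(public_id=public_id).first()
        if current_user is None:
            return jsonify({'message': 'Token is invalid!'}), 401
        return f(current_user, *args, **kwargs)
    return decorated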
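@app.route('/', methods=['GET'])
@token_required
def index(current_user):
    """Admin-only probe endpoint.

    A non-admin user now gets 403; the original sent the refusal with a 200
    status, which any client that trusts status codes reads as success.
    The response key ``'Staus'`` (presumably meant to be ``'Status'``) is
    kept unchanged because it is part of the wire format existing clients
    may parse.
    """
    if not current_user.admin:
        return jsonify({'message': 'Cannot perform that function!'}), 403
    return jsonify({'Staus': 'Acesso'})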
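# Returns the token that the other authenticated routes expect.
@app.route('/login')
def login():
    """Exchange HTTP Basic credentials for a short-lived (1 minute) HS256 JWT.

    Every failure path answers the same 401 plus Basic challenge, so the
    response body does not distinguish "unknown user" from "wrong
    password". NOTE(review): the unknown-user path still returns before any
    hash is computed, so a timing difference remains; a dummy
    ``check_password_hash`` on that path would close it.
    """
    auth = request.authorization
    if not auth or not auth.username or not auth.password:
        return _auth_challenge()
    user = User.query.filter_by(name=auth.username).first()
    if not user:
        return _auth_challenge()
    if not check_password_hash(user.password, auth.password):
        return _auth_challenge()
    # Timezone-aware expiry (utcnow() is deprecated); PyJWT converts an
    # aware datetime to a POSIX timestamp for the 'exp' claim.
    expires = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(minutes=1)
    token = jwt.encode({'public_id': user.public_id, 'exp': expires},
                       app.config['SECRET_KEY'], algorithm='HS256')
    # PyJWT < 2 returns bytes, PyJWT >= 2 returns str; the original's
    # unconditional .decode() raises AttributeError on the str case.
    if isinstance(token, bytes):
        token = token.decode('UTF-8')
    return jsonify({'token': token})


def _auth_challenge():
    """Build the uniform 401 + Basic challenge used for every login failure."""
    return make_response('Could not verify', 401,
                         {'WWW-Authenticate': 'Basic realm="Login required!"'})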
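if __name__ == '__main__':
    # The Werkzeug debugger (debug=True) serves an interactive Python console
    # on any traceback page; on a host reachable by others that is remote
    # code execution. Debug is now opt-in via FLASK_DEBUG=1 rather than on
    # by default.
    app.run(debug=os.environ.get('FLASK_DEBUG') == '1')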