Merge branch 'auth' into 'main'

Auth added login and signup + json web token authorization See merge request daniel/rona-backend!1
added authorization, signup, login with jwt
2020-07-30 17:23:01 +02:00 · 2020-07-30 17:23:01 +02:00
7 changed files with 72 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -214,3 +214,5 @@ dmypy.json
 .pytype/

 # End of https://www.toptal.com/developers/gitignore/api/python,intellij
+
+*.sqlite
--- a/auth/init.py
+++ b/auth/init.py
--- a/auth/auth.py
+++ b/auth/auth.py
@@ -0,0 +1,43 @@
+from flask import Blueprint, request
+from flask_jwt_extended import create_access_token
+from http import HTTPStatus
+from werkzeug.security import check_password_hash, generate_password_hash
+
+from database import db
+from database.user import User
+
+auth = Blueprint('auth', __name__)
+
+
+@auth.route('/login', methods=['POST'])
+def login():
+    username = request.form.get('username')
+    password = request.form.get('password')
+
+    user = User.query.filter_by(username=username).first()
+    if user and check_password_hash(user.password, password):
+        return {'id': user.id,
+                'username': user.username,
+                'email': user.email,
+                'token': create_access_token(identity=user.username)}
+    return {'description': 'Username or password is invalid'}, HTTPStatus.UNAUTHORIZED
+
+
+@auth.route('/signup', methods=['POST'])
+def signup():
+    username = request.form.get('username')
+    email = request.form.get('email')
+    password = request.form.get('password')
+
+    user = User.query.filter_by(username=username).first()
+    if user:
+        return {'description': f'A user called {username} exists already.'}, HTTPStatus.CONFLICT
+
+    # TODO sanity check for password length etc
+    user = User(username=username,
+                email=email,
+                password=generate_password_hash(password))
+    db.session.add(user)
+    db.session.commit()
+
+    return '', HTTPStatus.NO_CONTENT
--- a/database/init.py
+++ b/database/init.py
@@ -0,0 +1,3 @@
+from flask_sqlalchemy import SQLAlchemy
+
+db = SQLAlchemy()
--- a/database/user.py
+++ b/database/user.py
@@ -0,0 +1,8 @@
+from . import db
+
+
+class User(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    username = db.Column(db.String, unique=True)
+    email = db.Column(db.String, unique=True)
+    password = db.Column(db.String)
--- a/main.py
+++ b/main.py
@@ -1,18 +1,19 @@
 import random
-import time

 from flask import Flask, request
 from flask_cors import CORS
-# from flask_restful import Api
+from flask_jwt_extended import JWTManager, jwt_required
 from flask_socketio import SocketIO

+from database import db
+
 app = Flask(__name__)
 cors = CORS(app)
-# api = Api(app)
 sio = SocketIO(app, cors_allowed_origins='*')


@app.route('/')
+@jwt_required
 def home():
    return {'url': '/', 'body': 'test body'}

@@ -39,5 +40,14 @@ def public_message(kwargs):
    print(kwargs)
    sio.emit('public message', kwargs)

+
 if __name__ == '__main__':
+    from auth.auth import auth as auth_blueprint
+    app.config['JWT_SECRET_KEY'] = 'super-secret-key'  # TODO FIX THIS
+    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///db.sqlite'
+    db.init_app(app)
+    JWTManager(app)
+    app.register_blueprint(auth_blueprint)
+    with app.app_context():
+        db.create_all()
    sio.run(app, port=5005)
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,7 @@
 eventlet==0.25.2
 flask==1.1.2
 flask-cors==3.0.8
-flask-restful==0.3.8
+flask-jwt-extended==3.24.1
 flask-socketio==4.3.1
+flask-sqlalchemy==2.4.4
+Werkzeug~=1.0.1
Author	SHA1	Message	Date
Daniel Lukats	55a60dbb1d	Merge branch 'auth' into 'main' Auth added login and signup + json web token authorization See merge request daniel/rona-backend!1	2020-07-30 17:23:01 +02:00
Daniel Lukats	7d6f98ffda	added authorization, signup, login with jwt	2020-07-30 17:23:01 +02:00