This repository has been archived by the owner on Jan 20, 2024. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Add a current implementation of login/logout logic
* Add logging and some custom error templates * Add a hackish error handling
- Loading branch information
Showing
9 changed files
with
225 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,34 @@ | ||
from json import dumps | ||
|
||
from flask import Flask | ||
from flask_sqlalchemy import SQLAlchemy | ||
from sqlalchemy.orm.exc import NoResultFound | ||
|
||
from project_amber.config import config | ||
from project_amber.db import db | ||
from project_amber.errors import HTTPError | ||
from project_amber.handlers.auth import login, logout, login_check | ||
|
||
app = Flask(__name__) | ||
app.config["SQLALCHEMY_DATABASE_URI"] = config["database"] | ||
db = SQLAlchemy(app) | ||
db.init_app(app) | ||
|
||
app.add_url_rule("/api/login", "login", login, methods=["POST"]) | ||
app.add_url_rule("/api/logout", "logout", logout, methods=["POST"]) | ||
app.add_url_rule("/api/login_check", "login_check", login_check, methods=["GET"]) | ||
|
||
@app.before_first_request | ||
def create_tables(): | ||
db.create_all() # create all tables on first run | ||
|
||
db.create_all() # create all tables on first run | ||
@app.errorhandler(HTTPError) | ||
def handle_HTTP_errors(e): | ||
return dumps({ | ||
"message": e.message | ||
}), e.code | ||
|
||
@app.route("/") | ||
def hello(): | ||
return "works" | ||
# Hack. | ||
@app.errorhandler(NoResultFound) | ||
def handle_NoResultFound_errors(): | ||
return dumps({ | ||
"message": "Entity not found." | ||
}), 404 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
from json import dumps | ||
|
||
EMPTY_RESP = dumps({}) # Empty response, to be used in requests. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
from flask_sqlalchemy import SQLAlchemy | ||
|
||
db = SQLAlchemy() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
from http import HTTPStatus | ||
|
||
from project_amber.logging import logError | ||
|
||
class HTTPError(Exception): | ||
""" | ||
Base class for all possible errors. | ||
""" | ||
def __init__(self, code: int, message: str): | ||
""" | ||
Initialize the error object. | ||
`code` - HTTP code. | ||
`message` - Descriptive error message (string). | ||
""" | ||
self.code = code | ||
self.message = message | ||
logError(self.message) | ||
super(HTTPError, self).__init__() | ||
|
||
class BadRequest(HTTPError): | ||
""" | ||
Exception class for payload data parsing errors. | ||
""" | ||
code = HTTPStatus.BAD_REQUEST | ||
message = "Bad request" | ||
def __init__(self): | ||
super().__init__(self.code, self.message) | ||
|
||
class InternalServerError(HTTPError): | ||
""" | ||
Exception class for DB errors. Probably going to be left unused. | ||
""" | ||
code = HTTPStatus.INTERNAL_SERVER_ERROR | ||
message = "Internal server error" | ||
def __init__(self): | ||
super().__init__(self.code, self.message) | ||
|
||
class NotFound(HTTPError): | ||
""" | ||
Exception class for users/groups/subjects not found. | ||
""" | ||
code = HTTPStatus.NOT_FOUND | ||
message = "Resource not found" | ||
def __init__(self): | ||
super().__init__(self.code, self.message) | ||
|
||
class NoAccess(HTTPError): | ||
""" | ||
Exception class for restricted access areas. | ||
""" | ||
code = HTTPStatus.FORBIDDEN | ||
message = "Access denied" | ||
def __init__(self): | ||
super().__init__(self.code, self.message) | ||
|
||
class Unauthorized(HTTPError): | ||
""" | ||
Exception class for login/auth check errors. | ||
""" | ||
code = HTTPStatus.UNAUTHORIZED | ||
message = "Unauthorized" | ||
def __init__(self): | ||
super().__init__(self.code, self.message) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
from json import dumps | ||
|
||
from flask import request | ||
|
||
from project_amber.const import EMPTY_RESP | ||
from project_amber.errors import BadRequest | ||
from project_amber.helpers.auth import handleChecks, removeSession, \ | ||
createSession | ||
|
||
def login_check(): | ||
""" | ||
Essentially a heartbeat request that drops HTTP 401 when | ||
unauthorized. Returns HTTP 200 with an empty response if otherwise. | ||
""" | ||
handleChecks() | ||
return EMPTY_RESP | ||
|
||
def login(): | ||
""" | ||
Login handler. Accepts this JSON: | ||
``` | ||
{ | ||
"name": "some_user_name", | ||
"password": "some_password" | ||
} | ||
``` | ||
Returns HTTP 200 with the JSON below on success: | ||
``` | ||
{ | ||
"token": "some_auth_token" | ||
} | ||
``` | ||
Drops HTTP 401 on fail. | ||
""" | ||
if not request.is_json: | ||
raise BadRequest | ||
if not "name" in request.json or not "password" in request.json: | ||
raise BadRequest | ||
token = createSession(request.json["name"], request.json["password"]) | ||
return dumps({ "token": token }) | ||
|
||
def logout(): | ||
""" | ||
Logout handler. Accepts empty JSON. Returns HTTP 200 on success. | ||
""" | ||
user = handleChecks() | ||
removeSession(user.token) | ||
return EMPTY_RESP |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
import logging | ||
|
||
from project_amber.config import config | ||
|
||
logging.basicConfig(level=logging.INFO) | ||
logger = logging.getLogger("sjbackend") | ||
|
||
def log(message): | ||
""" | ||
Wrapper for the logger calls. Only intended to be used in DB code. | ||
""" | ||
# This wrapper only logs things in case of loglevel being set to 2 | ||
# (log requests). | ||
if config["loglevel"] == 2: | ||
logger.info(message) | ||
|
||
def logError(message): | ||
""" | ||
Wrapper for the error messages. | ||
""" | ||
logger.error(message) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
from project_amber.app import db | ||
from project_amber.db import db | ||
|
||
class User(db.Model): | ||
""" | ||
|