summaryrefslogtreecommitdiff
path: root/animism-align/cli
diff options
context:
space:
mode:
Diffstat (limited to 'animism-align/cli')
-rw-r--r--animism-align/cli/app/controllers/auth_controller.py22
-rw-r--r--animism-align/cli/app/controllers/crud_controller.py9
-rw-r--r--animism-align/cli/app/controllers/upload_controller.py2
-rw-r--r--animism-align/cli/app/controllers/user_controller.py15
-rw-r--r--animism-align/cli/app/server/web.py4
-rw-r--r--animism-align/cli/app/sql/models/user.py1
-rw-r--r--animism-align/cli/app/utils/auth_utils.py5
7 files changed, 43 insertions, 15 deletions
diff --git a/animism-align/cli/app/controllers/auth_controller.py b/animism-align/cli/app/controllers/auth_controller.py
new file mode 100644
index 0000000..9ed0ac3
--- /dev/null
+++ b/animism-align/cli/app/controllers/auth_controller.py
@@ -0,0 +1,22 @@
+from flask import request, jsonify
+from flask_classful import FlaskView, route
+from flask_jwt_extended import create_access_token
+
+from app.settings import app_cfg
+from app.sql.common import db, Session
+from app.sql.models.user import User
+
+from app.utils.auth_utils import authenticate
+
+class AuthView(FlaskView):
+ @route('/login', methods=['POST'])
+ def login(self):
+ username = request.json.get('username', None)
+ password = request.json.get('password', None)
+
+ user = authenticate(username, password)
+
+ response = {
+ 'token': create_access_token(identity=user.toJSON())
+ }
+ return jsonify(response), 200
diff --git a/animism-align/cli/app/controllers/crud_controller.py b/animism-align/cli/app/controllers/crud_controller.py
index 4fcb77d..78bff2d 100644
--- a/animism-align/cli/app/controllers/crud_controller.py
+++ b/animism-align/cli/app/controllers/crud_controller.py
@@ -1,7 +1,7 @@
from flask import request, jsonify
from flask_classful import FlaskView, route
from werkzeug.datastructures import MultiDict
-from flask_jwt import jwt_required
+from flask_jwt_extended import jwt_required
from app.sql.common import db, Session
from app.server.helpers import parse_search_args, parse_sort_args
@@ -114,10 +114,10 @@ class CrudView(FlaskView):
item = session.query(self.model).get(id)
if item:
raw_form = MultiDict(request.json) if request.json is not None else request.form
- form = self.form(raw_form, obj=item)
- # print(item.toJSON())
+ form = self.form(obj=item)
+ print(item.toJSON())
+ form.populate_obj(item)
if form.validate():
- form.populate_obj(item)
self.on_update(session, raw_form, item)
session.add(item)
session.commit()
@@ -126,6 +126,7 @@ class CrudView(FlaskView):
'res': item.toJSON(),
}
else:
+ print(form.errors)
res = {
'status': 'error',
'error': form.errors,
diff --git a/animism-align/cli/app/controllers/upload_controller.py b/animism-align/cli/app/controllers/upload_controller.py
index f363b0d..a81312d 100644
--- a/animism-align/cli/app/controllers/upload_controller.py
+++ b/animism-align/cli/app/controllers/upload_controller.py
@@ -1,6 +1,6 @@
from flask import request, jsonify
from flask_classful import FlaskView, route
-from flask_jwt import jwt_required
+from flask_jwt_extended import jwt_required
from werkzeug.datastructures import MultiDict
from werkzeug.utils import secure_filename
import os
diff --git a/animism-align/cli/app/controllers/user_controller.py b/animism-align/cli/app/controllers/user_controller.py
index 54b39ab..26aa656 100644
--- a/animism-align/cli/app/controllers/user_controller.py
+++ b/animism-align/cli/app/controllers/user_controller.py
@@ -7,14 +7,15 @@ from app.sql.models.user import User, UserForm
from app.controllers.crud_controller import CrudView
from app.utils.auth_utils import encrypt_password
-from flask_jwt import current_identity
+from flask_jwt_extended import get_jwt_identity
class UserView(CrudView):
model = User
form = UserForm
def on_create(self, session, form, item):
- if not current_identity.is_admin:
+ current_user = get_jwt_identity()
+ if not current_user['is_admin']:
raise ValueError("Unauthorized")
if 'password' in form:
item.password = encrypt_password(form['password'])
@@ -24,10 +25,10 @@ class UserView(CrudView):
item.settings = form['settings']
def on_update(self, session, form, item):
- if not current_identity.is_admin:
- if item.id != current_identity.id:
+ if not current_user['is_admin']:
+ if item.id != current_user['id']:
raise ValueError("Unauthorized")
- if current_identity.is_admin != item.is_admin:
+ if current_user['is_admin'] != item.is_admin:
raise ValueError("Unauthorized")
if 'password' in form:
item.password = encrypt_password(form['password'])
@@ -35,7 +36,7 @@ class UserView(CrudView):
item.settings = form['settings']
def on_destroy(self, session, item):
- if not current_identity.is_admin:
+ if not current_user['is_admin']:
raise ValueError("Unauthorized")
- if item.id == current_identity.id:
+ if item.id == current_user['id']:
raise ValueError("Unauthorized")
diff --git a/animism-align/cli/app/server/web.py b/animism-align/cli/app/server/web.py
index 3f2136a..af0c2d9 100644
--- a/animism-align/cli/app/server/web.py
+++ b/animism-align/cli/app/server/web.py
@@ -25,6 +25,7 @@ from app.controllers.media_controller import MediaView
from app.controllers.episode_controller import EpisodeView
from app.controllers.venue_controller import VenueView
from app.controllers.user_controller import UserView
+from app.controllers.auth_controller import AuthView
def create_app(script_info=None):
"""
@@ -36,7 +37,7 @@ def create_app(script_info=None):
app.config['SQLALCHEMY_DATABASE_URI'] = connection_url
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SERVER_NAME'] = app_cfg.SERVER_NAME
- app.config['SECRET_KEY'] = app_cfg.TOKEN_SECRET
+ app.config['JWT_SECRET_KEY'] = app_cfg.TOKEN_SECRET
app.config['JWT_AUTH_URL_RULE'] = '/api/v1/auth/login'
# app.config['JWT_VERIFY_EXPIRATION'] = False
app.config['EXPIRATION_DELTA'] = timedelta(days=365 * 10)
@@ -52,6 +53,7 @@ def create_app(script_info=None):
EpisodeView.register(app, route_prefix='/api/v1/')
VenueView.register(app, route_prefix='/api/v1/')
UserView.register(app, route_prefix='/api/v1/')
+ AuthView.register(app, route_prefix='/api/v1/')
index_html = 'index.html'
diff --git a/animism-align/cli/app/sql/models/user.py b/animism-align/cli/app/sql/models/user.py
index 41ac917..4bbb739 100644
--- a/animism-align/cli/app/sql/models/user.py
+++ b/animism-align/cli/app/sql/models/user.py
@@ -28,6 +28,7 @@ class User(Base):
class UserForm(ModelForm):
class Meta:
model = User
+ unique_validator = None
exclude = ['password','settings']
def get_session():
return Session()
diff --git a/animism-align/cli/app/utils/auth_utils.py b/animism-align/cli/app/utils/auth_utils.py
index 71974e3..1ee8c68 100644
--- a/animism-align/cli/app/utils/auth_utils.py
+++ b/animism-align/cli/app/utils/auth_utils.py
@@ -1,4 +1,4 @@
-from flask_jwt import JWT
+from flask_jwt_extended import JWTManager
import hmac
import hashlib
@@ -28,4 +28,5 @@ def identity(payload):
return user
def setup_jwt(app):
- return JWT(app, authenticate, identity)
+ # return JWT(app, authenticate, identity)
+ jwt = JWTManager(app)
generated by cgit v1.2.3-70-g09d2 (git 2.51.0) at 2025-12-10 23:20:22 +0000