Beispiel #1
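        def decorated(*args, **kwargs):
            """Authenticate the request from its token header, then call ``f``.

            The header named by ``RequestConstants.REQUEST_TOKEN_IDENTIFIER`` is
            expected to hold ``"<auth type> <token>"``. On success the wrapped
            callable ``f`` receives the user and user-type values read from the
            decoded token, followed by the caller's own arguments.

            Returns:
                The result of ``f`` on success. A bad-request response when the
                header is absent or malformed, the auth type does not match, or
                any other error occurs while decoding the token or reading its
                payload. An unauthorized response when the token is expired or
                invalid.
            """
            token = None

            if RequestConstants.REQUEST_TOKEN_IDENTIFIER in request.headers:
                header_parts = request.headers[
                    RequestConstants.REQUEST_TOKEN_IDENTIFIER].split(" ")

                # A header with no space (auth type only, or empty) has no token
                # part. Indexing [1] would raise IndexError outside the try
                # block below and surface as an unhandled server error.
                if len(header_parts) < 2:
                    return ResponseHelper.ReturnBadRequestResponse()

                auth_type = header_parts[0]
                token = header_parts[1]

                if auth_type != RequestConstants.REQUEST_TOKEN_AUTH_TYPE:
                    return ResponseHelper.ReturnBadRequestResponse()

            if not token:
                return ResponseHelper.ReturnBadRequestResponse()

            try:
                # NOTE(review): the identity handed to ``f`` comes only from the
                # token payload, so this relies on DecodeTokenAndValidate
                # verifying signature and expiry -- not visible here, confirm.
                data = TokenHelper.DecodeTokenAndValidate(token)

                current_user = data[TokenConstants.PAYLOAD_USER_KEY]
                user_type = data[TokenConstants.RESPONSE_USER_TYPE_KEY]

            except jwt.ExpiredSignatureError:
                return ResponseHelper.ReturnUnauthorizedResponse(
                    "Token Has Expired!")

            except jwt.InvalidTokenError:
                return ResponseHelper.ReturnUnauthorizedResponse("Bad Token!")

            except Exception:
                # Covers e.g. a payload missing one of the expected keys.
                return ResponseHelper.ReturnBadRequestResponse()

            return f(current_user, user_type, *args, **kwargs)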
Beispiel #2
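def Login():
    """Authenticate the credentials in ``request.authorization`` and issue a token.

    Returns:
        A bad-request response when the credentials are missing or incomplete;
        an unauthorized response when the user is not found or the password
        check fails; an OK data response carrying a new token on success; an
        error response when building that success response raises.
    """
    auth = request.authorization

    if not auth or not auth.username or not auth.password:
        return ResponseHelper.ReturnBadRequestResponse()

    user = UserDao().GetUserById(auth.username)

    # NOTE(review): the two failure messages below differ, so a client can
    # tell which usernames exist. They are kept unchanged for existing
    # clients; consider returning one shared message for both cases.
    if not user:
        return ResponseHelper.ReturnUnauthorizedResponse(
            "User Does Not Exist!")

    if not CheckPassword(auth.username, auth.password):
        return ResponseHelper.ReturnUnauthorizedResponse("Incorrect Password!")

    try:
        return ResponseHelper.ReturnOkDataResponse(
            "User Authenticated", {
                "Token":
                TokenHelper.CreateToken(user[UsersTable.ID],
                                        user[UsersTable.TYPE])
            })
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt; only ordinary errors become an error response.
        return ResponseHelper.ReturnErrorResponse()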
Beispiel #3
def CanAccess(current_user, user_type, event_id):
    """Report whether ``current_user`` may access the event ``event_id``.

    ``user_type`` is accepted but not used by this function.

    Returns:
        A bad-request response when ``event_id`` is falsy; an OK data response
        carrying the value returned by ``EventDao.CanAccess`` when that value
        is truthy; otherwise an unauthorized response.
    """
    if not event_id:
        return ResponseHelper.ReturnBadRequestResponse()

    # Lookup order is (event, user), matching the DAO call signature used here.
    granted = EventDao().CanAccess(event_id, current_user)

    if not granted:
        return ResponseHelper.ReturnUnauthorizedResponse(
            "Needs to request access!")

    return ResponseHelper.ReturnOkDataResponse("Ok", granted)
Beispiel #4
def CheckCoachTrainingLogAccess(current_user, user_type, athlete_id):
    """Check whether the coach ``current_user`` may read an athlete's training log.

    Returns:
        A bad-request response when ``athlete_id`` is falsy or ``user_type`` is
        not ``RequestConstants.USER_TYPE_COA``; an OK response when
        ``AccessDao.CheckCoachTrainingLogAccess`` returns a truthy value;
        otherwise an unauthorized response.
    """
    # Both precondition failures produce the same bad-request response.
    if not athlete_id or user_type != RequestConstants.USER_TYPE_COA:
        return ResponseHelper.ReturnBadRequestResponse()

    allowed = AccessDao().CheckCoachTrainingLogAccess(current_user, athlete_id)

    if not allowed:
        return ResponseHelper.ReturnUnauthorizedResponse(
            "Needs to request access!")

    return ResponseHelper.ReturnOkResponse("Ok")
Beispiel #5
def GetCoachAccess(current_user, user_type, athlete_id):
    """Return the access the coach ``current_user`` holds for ``athlete_id``.

    Returns:
        A bad-request response when ``athlete_id`` is falsy or ``user_type`` is
        not ``RequestConstants.USER_TYPE_COA``; an OK data response of the form
        ``{"Access": <value>}`` when ``AccessDao.CheckAccess`` returns a truthy
        value; otherwise an unauthorized response.
    """
    # Both precondition failures produce the same bad-request response.
    if not athlete_id or user_type != RequestConstants.USER_TYPE_COA:
        return ResponseHelper.ReturnBadRequestResponse()

    granted_access = AccessDao().CheckAccess(current_user, athlete_id)

    if not granted_access:
        return ResponseHelper.ReturnUnauthorizedResponse(
            "Needs to request access!")

    payload = {"Access": granted_access}
    return ResponseHelper.ReturnOkDataResponse("Ok", payload)
Beispiel #6
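def CheckPassword(current_user, user_type):
    """Verify the password sent in the JSON request body for ``current_user``.

    The body must be a JSON object holding the password under the key
    ``str(UsersTable.PASSWORD)``. ``user_type`` is accepted but not used.

    Returns:
        A bad-request response when the body is empty, is not valid JSON, is
        not an object, or lacks the password key; an OK response when the
        password check succeeds; otherwise an unauthorized response.
    """
    if not request.data:
        return ResponseHelper.ReturnBadRequestResponse()

    # The body is client-controlled. Malformed JSON (ValueError), a missing
    # key (KeyError) or a non-object document (TypeError) previously raised
    # out of the handler instead of producing a bad-request response.
    try:
        user_data = json.loads(request.data)
        un_encrypted_password = user_data[str(UsersTable.PASSWORD)]
    except (ValueError, KeyError, TypeError):
        return ResponseHelper.ReturnBadRequestResponse()

    # NOTE(review): this call uses the same name as this handler. If the
    # password-checking helper lives in the same namespace, the handler
    # shadows it and this calls itself -- confirm the helper is imported
    # under a distinct name.
    if CheckPassword(current_user, un_encrypted_password):
        return ResponseHelper.ReturnOkResponse("Ok")

    return ResponseHelper.ReturnUnauthorizedResponse(
        "Current Password is Incorrect!")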