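STREETCRED_ENDPOINT = 'https://api.streetcred.id/agency/v1'


def _streetcred_auth_headers():
    """Build the agency API auth headers from the process environment.

    The bearer token and subscription key used to be string literals in this
    module. Credentials committed to a repository stay readable in its
    history, so the committed pair should be rotated at the provider as well
    as removed from the file.

    The two variable names below were chosen for this edit; align them with
    the names used in the SSI .env file.

    Raises:
        KeyError: if either variable is unset, so a misconfigured deployment
            fails at import time instead of sending unauthenticated requests.
    """
    import os  # function-scope: the file's import block is outside this excerpt

    return {
        'Authorization': 'Bearer ' + os.environ['STREETCRED_ACCESS_TOKEN'],
        'X-Streetcred-Subscription-Key':
            os.environ['STREETCRED_SUBSCRIPTION_KEY'],
    }


# NOTE: USE python-dotenv to extract these from the SSI .env file.
# python-dotenv's load_dotenv() fills os.environ, which is what the helper
# above reads.
STREETCRED_AUTH_HEADERS = _streetcred_auth_headers()

BASE_URL = '/users'
USERS_LOGIN = {'rule': '/login', 'methods': ['POST'], 'endpoint': 'login'}
USERS_QR_LOGIN = {'rule': '/qr_login', 'methods': ['GET', 'POST'],
                  'endpoint': 'qr_login'}
USERS_REGISTER = {'rule': '/register', 'methods': ['POST'],
                  'endpoint': 'register'}
USERS_PROFILE = {'rule': '/profile', 'methods': ['GET'], 'endpoint': 'profile'}

users = Blueprint(name='users', import_name=__name__, url_prefix=BASE_URL)


@users.route(**USERS_REGISTER)
@swag_from(
    docs_path('api', 'users', 'users_register.yaml'),
    methods=['POST'],
    endpoint='users.register'
)
def users_register():
    """Handle POST /users/register (only the start of the view is visible).

    Rejects an e-mail that already has a Users row, then checks that the
    password is non-empty and equals 'passwordMatch'.
    """
    # NOTE(review): 'email', 'password' and 'passwordMatch' are indexed
    # directly; a JSON body missing one of them raises KeyError here. Confirm
    # an error handler turns that into a 4xx rather than a 500.
    request_data = request.get_json()
    email = request_data['email']
    user = Users.query.filter_by(email=email).first()
    if user:
        # NOTE: There needs to be some more logic here, to prevent users from
        # seeing a broken QR code.
        # NOTE(review): a distinct ALREADY_REGISTERED answer lets a caller
        # test which addresses have accounts; rate-limit this route if that
        # matters for the deployment.
        return error_response(ALREADY_REGISTERED)
    password = request_data['password']
    if not password or password != request_data['passwordMatch']:
        return error_response(INCORRECT_PASSWORD)
    # At this point we call out to the SSI backend and send a POST request.
    # POST request is going to contain the request data so that can be used to create the VC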
# Closes a dict literal that opens before this excerpt (presumably
# OAUTH_AUTHORIZE, which is used below but not defined in view).
}
# Route specs, unpacked into @oauth.route(**...).
OAUTH_TOKEN = {'rule': '/token', 'methods': ['POST'], 'endpoint': 'token'}
OAUTH_REVOKE = {'rule': '/revoke', 'methods': ['POST'], 'endpoint': 'revoke'}

oauth = Blueprint(name='oauth', import_name=__name__, url_prefix=BASE_URL)


def current_user():
    """Return the Users row for session['id'], or None when no id is stored."""
    if 'id' in session:
        uid = session['id']
        return Users.query.get(uid)
    return None


@oauth.route(**OAUTH_AUTHORIZE)
@swag_from(docs_path('api', 'oauth', 'oauth_authorize.yaml'),
           methods=['POST', 'GET'], endpoint='oauth.authorize')
def oauth_authorize():
    """Serve the OAuth consent page (GET) and begin handling its submission.

    Only the start of the view is visible; the code that issues the
    authorization response lies beyond this excerpt.
    """
    user = current_user()
    if request.method == 'GET':
        try:
            # Validate the incoming authorization request before rendering
            # the consent form.
            grant = current_app.extensions[
                Extensions.AUTHORIZATION].validate_consent_request(
                    end_user=user)
        except OAuth2Error as error:
            # NOTE(review): no status code is given, so the OAuth error body
            # is returned with Flask's default 200.
            return jsonify(dict(error.get_body()))
        return render_template('authorize.html', user=user, grant=grant)
    # NOTE(review): with no session user, the account is selected by the
    # form-supplied 'username' alone. No password or other credential check
    # is visible in this excerpt; confirm the rest of the handler
    # authenticates the user before a grant is issued on their behalf.
    if not user and 'username' in request.form:
        username = request.form.get('username')
        user = Users.query.filter_by(username=username).first()
from app.utils.spec import docs_path

# Route specs, unpacked into @users.route(**...).
BASE_URL = '/users'
USERS_LOGIN = {'rule': '/login', 'methods': ['POST'], 'endpoint': 'login'}
USERS_REGISTER = {
    'rule': '/register',
    'methods': ['POST'],
    'endpoint': 'register'
}
USERS_PROFILE = {'rule': '/profile', 'methods': ['GET'], 'endpoint': 'profile'}

users = Blueprint(name='users', import_name=__name__, url_prefix=BASE_URL)


@users.route(**USERS_REGISTER)
@swag_from(docs_path('api', 'users', 'users_register.yaml'),
           methods=['POST'], endpoint='users.register')
def users_register():
    """Handle POST /users/register (only the start of the view is visible).

    Returns the existing user's `brief` when the e-mail is already known;
    otherwise checks the password pair and creates the Users row.
    """
    # NOTE(review): 'email', 'password' and 'passwordMatch' are indexed
    # directly; a JSON body missing one of them raises KeyError here. Confirm
    # an error handler turns that into a 4xx rather than a 500.
    request_data = request.get_json()
    email = request_data['email']
    user = Users.query.filter_by(email=email).first()
    if user:
        # NOTE(review): this branch runs before any password is read, so an
        # unauthenticated caller who knows an e-mail receives that account's
        # `brief` with SUCCESS. What `brief` contains is not visible here;
        # confirm it is safe to disclose, or return an error instead.
        return jsonify(user.brief), SUCCESS
    password = request_data['password']
    if not password or password != request_data['passwordMatch']:
        return error_response(INCORRECT_PASSWORD)
    # The username is the local part of the e-mail, so two addresses that
    # share a local part produce the same username.
    # NOTE(review): Users.create is not shown; confirm it stores a password
    # hash rather than the value passed here.
    user = Users.create(email=email, password=password,
                        username=email.split('@')[0])
# Route specs, unpacked into @sso.route(**...).
SSO_GITHUB_AUTHORIZE = {
    'rule': '/github/authorize',
    'methods': ['GET'],
    'endpoint': 'github_authorize'
}
SSO_GITHUB_REVOKE = {
    'rule': '/github/revoke',
    'methods': ['POST'],
    'endpoint': 'github_revoke'
}

sso = Blueprint(name='sso', import_name=__name__, url_prefix=BASE_URL)


@sso.route(**SSO_PROVIDERS)
@swag_from(docs_path('api', 'sso', 'sso_providers.yaml'),
           methods=['GET'], endpoint='sso.providers')
@with_identity
def sso_providers(identity):
    """Return, as JSON, the provider of every OAuth2Token owned by the caller.

    `identity` is matched against Users.email; it is presumably injected by
    @with_identity, which is not visible in this excerpt.
    """
    # Join each token to its owning user and keep only the caller's tokens.
    linked_tokens = (
        OAuth2Token.query
        .join(Users, Users.id == OAuth2Token.user_id)
        .filter(Users.email == identity)
        .all()
    )
    # An empty result yields an empty list, so no separate branch is needed.
    providers = [linked.provider for linked in linked_tokens]
    return jsonify(providers), SUCCESS


# The excerpt ends inside the decorators of the next view.
@sso.route(**SSO_GITHUB)
@swag_from(docs_path('api', 'sso', 'sso_github.yaml'),