def create_app(config_name):
app = Flask(__name__, template_folder='templates')
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'yeti'
db = SQLAlchemy(config.APP)
start_views(app, db)
Bootstrap(app)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type')
response.headers.add('Access-Control-Allow-Methods',
'GET, PUT, POST, DELETE, OPTIONS')
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(
request.headers['access_token'])
if result['status'] == 200:
return f(*args, **kwargs)
else:
abort(result['status'], result['message'])
except KeyError as e:
print(e)
abort(401, 'Você precisa de enviar um token de acesso')
return verify_token
@app.route('/')
def index():
return 'Hello World'
@app.route('/login/')
def login():
return render_template('login.html',
message="Essa é uma mensagem que\
veio da rota")
@app.route('/login/', methods=['POST'])
def login_post():
user = UserController()
email = request.form['email']
password = request.form['password']
result = user.login(email, password)
if result:
return redirect('/admin')
else:
return render_template('login.html',
data={
'status': 401,
'msg': 'Dados de usuário incorretos',
'type': None
})
@app.route('/recovery-password/')
def recovery_password():
return 'Aqui entrará a tela de recuperar senha'
@app.route('/recovery-password/', methods=['POST'])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form['email'])
if result:
return render_template('recovery.html',
data={
'status':
200,
'msg':
'E-mail de recuperacão enviado\
com sucesso'
})
else:
return render_template('recovery.html',
data={
'status':
401,
'msg':
'Erro ao enviar e-mail de\
recuperação'
})
@app.route('/product', methods=['POST'])
def save_products():
product = ProductController()
result = product.save_product(request.form)
if result:
message = 'Inserido'
else:
message = 'Não inserido'
return message
@app.route('/product/', methods=['PUT'])
def update_products():
product = ProductController()
result = product.update_product(request.form)
if result:
message = 'Editado'
else:
message = 'Não editado'
return message
@app.route('/products/', methods=['GET'])
@app.route('/products/<limit>', methods=['GET'])
@auth_token_required
def get_products(limit=None):
header = {
'access_token': request.headers['access_token'],
'token_type': "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'],\
header
@app.route('/product/<product_id>', methods=['GET'])
@auth_token_required
def get_product(product_id):
header = {
'access_token': request.headers['access_token'],
'token_type': "JWT"
}
product = ProductController()
response = product.get_product_by_id(product_id=product_id)
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'],\
header
@app.route('/user/<user_id>', methods=['GET'])
@auth_token_required
def get_user_profile(user_id):
header = {
'access_token': request.headers['access_token'],
'token_type': "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'],\
header
@app.route('/login_api/', methods=['POST'])
def login_api():
header = {}
user = UserController()
email = request.json['email']
password = request.json['password']
result = user.login(email=email, password=password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if result:
if result.active:
result = {
'id': result.id,
'username': result.username,
'email': result.email,
'date_created': result.date_created,
'active': result.active
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT"
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json'), code, header
return app
def create_app(config_name):
app = Flask(__name__, template_folder="templates")
login_manager = LoginManager()
login_manager.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile("config.py")
app.config["SQLALCHEMY_DATABASE_URI"] = config.SQLALCHEMY_DATABASE_URI
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
app.config["FLASK_ADMIN_SWATCH"] = "darkly"
db = SQLAlchemy(config.APP)
start_views(app, db)
Bootstrap(app)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add("Access-Control-Allow-Origin", "*")
response.headers.add("Access-Control-Allow-Headers", "Content-Type")
response.headers.add("Access-Control-Allow-Methods",
"GET,POST,PUT,DELETE,OPTIONS")
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(
request.headers["access_token"])
if result["status"] == 200:
return f(*args, **kwargs)
else:
abort(result["status"], result["message"])
except KeyError as e:
abort(401, "Você precisa enviar um token de acesso")
return verify_token
@app.route("/")
def index():
return "Hello World"
@login_manager.user_loader
def load_user(user_id):
user = UserController()
return user.get_admin_login(user_id)
@app.route("/login")
def login():
return render_template("login.html",
data={
"status": 200,
"msg": None,
"type": None
})
@app.route("/login", methods=["POST"])
def login_post():
user = UserController()
email = request.form["email"]
password = request.form["password"]
result = user.login(email, password)
if result:
if result.role == 4:
return render_template(
"login.html",
data={
"status": 401,
"msg":
"Seu usuário não tem permissão para acessar o admin",
"type": 2
})
else:
login_user(result)
return redirect("/admin")
else:
return render_template("login.html",
data={
"status": 401,
"msg": "Dados de usuário incorretos",
"type": 1
})
@app.route("/logout")
def logout_send():
logout_user()
return render_template("login.html",
data={
"status": 200,
"msg": "Usuário deslogado com sucesso!",
"type": 3
})
@app.route("/recovery-password")
def recovery_password():
return render_template("recovery.html",
data={
"status": 200,
"msg": None,
"type": None
})
@app.route("/recovery-password", methods=["POST"])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form["email"])
if (result["status_code"] == 200) or (result["status_code"] == 202):
return render_template(
"recovery.html",
data={
"status": result["status_code"],
"msg":
"Você receberá um e-mail em sua caixa para alteração de senha",
"type": 3
})
else:
return render_template("recovery.html",
data={
"status": result["status_code"],
"msg": result["body"],
"type": 1
})
@app.route("/new-password/<recovery_code>")
def new_password(recovery_code):
user = UserController()
result = user.verify_auth_token(recovery_code)
if result["status"] == 200:
res = user.get_user_by_recovery(str(recovery_code))
if res is not None:
return render_template("new_password.html",
data={
"status": result["status"],
"msg": None,
"type": None,
"user_id": res.id
})
else:
return render_template(
"recovery.html",
data={
"status": 400,
"msg":
"Erro ao tentar acessar os dados do usuário. Tente novamente mais tarde",
"type": 1
})
else:
return render_template(
"recovery.html",
data={
"status": result["status"],
"msg":
"Token expirado ou inválido, solicite novamente a alteração da senha",
"type": 1
})
@app.route("/new_password", methods=["POST"])
def send_new_password():
user = UserController()
user_id = request.form["user_id"]
password = request.form["password"]
result = user.new_password(user_id, password)
if result:
return render_template("login.html",
data={
"status": 200,
"msg": "Senha alterada com sucesso",
"type": 3,
"user_id": user_id
})
else:
return render_template("new_password.html",
data={
"status": 401,
"msg": "Erro ao alterar senha",
"type": 1,
"user_id": user_id
})
@app.route("/product", methods=["POST"])
def save_products():
product = ProductController()
result = product.save_product(request.form)
if result:
message = "Inserido"
else:
message = "Não inserido"
return message
@app.route("/product", methods=["PUT"])
def update_products():
product = ProductController()
result = product.update_product(request.form)
if result:
message = "Editado"
else:
message = "Não editado"
return message
@app.route("/product", methods=["DELETE"])
def delete_products():
product = ProductController()
result = product.delete_product(request.form)
if result:
message = "Deletado"
else:
message = "Não deletado"
return message
@app.route("/products", methods=["GET"])
@app.route("/products/<limit>", methods=["GET"])
@auth_token_required
def get_products(limit=None):
header = {
"access_token": request.headers["access_token"],
"token_type": "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype="application/json"), response["status"], header
@app.route("/product/<product_id>", methods=["GET"])
@auth_token_required
def get_product(product_id):
header = {
"access_token": request.headers["access_token"],
"token_type": "JWT"
}
product = ProductController()
response = product.get_product_by_id(product_id=product_id)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype="application/json"), response["status"], header
@app.route("/user/<user_id>", methods=["GET"])
@auth_token_required
def get_user_profile(user_id):
header = {
"access_token": request.headers["access_token"],
"token_type": "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype="application/json"), response["status"], header
@app.route("/login_api", methods=["POST"])
def login_api():
header = {}
user = UserController()
email = request.json["email"]
password = request.json["password"]
res = user.login(email, password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if res:
if res.active:
result = {
"id": res.id,
"username": res.username,
"email": res.email,
"date_created": res.date_created,
"active": res.active
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT"
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return Response(json.dumps(response, ensure_ascii=False),
mimetype="application/json"), code, header
return app
def create_app(config_name):
# A variável app recebe uma instância de Flask, passando a configuração da localização dos templates. Pode
# receber diversas configurações.
app = Flask(__name__, template_folder='templates')
# O atributo secret_key da aplicação app, recebe a configuração da chave secreta do arquivo config.py, por meio da variável config e atributo SECRET.
app.secret_key = config.SECRET
# Efetua o carregamento do arquivo config.py
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
### BDD ###
# Adicionando configurações necessárias para utilizarmos o SQLAlchemy.
# A constante SQLALCHEMY_DATABASE_URI foi definida no arquivo config.py, a qual indica o caminho do banco de dados.
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
# Configuração indicando que as modificações do banco de dados poderão ser exclusivamente pela aplicação.
# Se True, permite outras formas.
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
# A variável db receberá a atribuição de uma instância do SQLAlchemy passando a aplicação app criada.
db = SQLAlchemy(config.APP)
# Adicionado a inicialização das visualizações das views Admin. Ativa a área admin do Flask.
# A Admin será criada dentro do arquivo admin/Admin.py
start_views(app, db)
# Inicializando o banco de dados para a aplicação.
db.init_app(app)
# Primeira rota a ser criada. A rota principal root.
# Quando se cria duas ou mais rotas seguidas antes do método, isso indica ao navegador que qualquer uma delas acessa o método a seguir. Neste exemplo tanto http://localhost:8000/ e http://localhost:8000/login/ acessam o médtodo index(). Que retorna uma string.
@app.route('/')
@app.route('/index/')
def index():
return render_template("index.html")
@app.route("/about-us")
def about():
return render_template("about-us.html")
@app.route("/agendamento")
def agendamento():
return render_template("agendamento.html")
@app.route("/listaAventuras")
def listaAventuras():
return render_template("listaAventuras.html")
@app.route("/login/")
def login():
return render_template("login.html")
# Rota adicionada para verificar o login do Usuário por meio do controllers: UsuarioController()
@app.route('/login/', methods=['POST'])
def login_post():
usuario = UsuarioController()
email = request.form['email']
password = request.form['password']
resultado = usuario.login(email, password)
if resultado:
return redirect('/admin')
else:
return render_template('login.html',
data={
'status': 401,
'msg': 'Dados de usuário incorretos',
'type': None
})
# Rota adicionada para recuperação de senha
@app.route('/recuperar-senha/')
def recuperar_senha():
return '<h1>Aqui entrará a tela de recuperar senha. </h1>'
# Rota adicionada para recuperação de senha por meio do método POST.
@app.route('/recuperar-senha/', methods=['POST'])
def enviar_recuperar_senha():
# Instância do Usuario Controller atribuída a variável usuario.
usuario = UsuarioController()
resultado = usuario.recuperar(request.form['email'])
# Se o resultado for preenchido, executa o email de recuperação com status 200 de sucesso.
if resultado:
return render_template(
'recuperar.html',
data={
'status': 200,
'msg': 'E-mail de recuperação enviado com sucesso'
})
else:
# Se o resultado for vazio, executa o email de recuperação com status 200 de sucesso.
return render_template('recuperar.html',
data={
'status':
401,
'msg':
'Erro ao enviar e-mail de recuperação'
})
@app.route("/cadastro")
def cadastro():
return render_template("cadastro.html")
# Retorno do método create_app(). Retorna a instância do app criada.
return app
def create_app(config_name):
app = Flask(__name__, template_folder="templates")
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile("config.py")
app.config["SQLALCHEMY_DATABASE_URI"] = config.SQLALCHEMY_DATABASE_URI
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
app.config["FLASK_ADMIN_SWATCH"] = "paper"
Bootstrap(app)
db = SQLAlchemy(config.APP)
start_views(app, db)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add("Access-Control-Allow-Origin", "*")
response.headers.add("access-Control-Allow-Headers", "Content-Type")
response.headers.add("Access-Control-Allow-Methods",
"GET,PUT,POST,DELETE,OPTIONS")
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(
request.headers["access_token"])
if result["status"] == 200:
return f(*args, **kwargs)
else:
abort(result["status"], result["message"])
except KeyError as e:
abort(401, "Você precisa enviar um token de acesso")
return verify_token
@app.route("/")
def index():
return "Hello world!"
# Login
@app.route("/login")
def login():
return render_template("login.html",
message="Essa é uma mensagem que veio da rota")
@app.route("/login", methods=["POST"])
def login_post():
user = UserController()
email = request.form["email"]
password = request.form["password"]
result = user.login(email, password)
if result:
return redirect("/admin")
else:
return render_template(
"login.html",
data={
"status": 401,
"msg": "Dados incorretos",
"type": None
},
)
# Produtos
@app.route("/product", methods=["POST"])
def save_products():
product = ProductController()
result = product.save_product(request.form)
message = "Inserido" if result else "Não inserido"
return message
@app.route("/product", methods=["PUT"])
def update_products():
product = ProductController()
result = product.update_product(request.form)
message = "Editado" if result else "Não editado"
return message
# Recuperação de senha
@app.route("/recovery-password")
def recovery_password():
return "Aqui entrará a tela de recuperar senha"
@app.route("/recovery-password/", methods=["POST"])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form["email"])
if result:
return render_template(
"recovery.html",
data={
"status": 200,
"msg": "E-mail de recuperação enviado com sucesso",
},
)
else:
return render_template(
"recovery.html",
data={
"status": 401,
"msg": "Erro ao enviar o e-mail de recuperação"
},
)
@app.route("/products", methods=["GET"])
@app.route("/products/<limit>", methods=["GET"])
@auth_token_required
def get_products(limit=None):
header = {
"access_token": request.headers["access_token"],
"token_type": "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return (
Response(json.dumps(response, ensure_ascii=False),
mimetype="application/json"),
response["status"],
header,
)
@app.route("/product/<product_id>", methods=["GET"])
@auth_token_required
def get_product(product_id):
header = {
"access_token": request.headers["access_token"],
"token_type": "JWT"
}
product = ProductController()
response = product.get_product_by_id(product_id=product_id)
return (
Response(json.dumps(response, ensure_ascii=False),
mimetype="application/json"),
response["status"],
header,
)
@app.route("/user/<user_id>", methods=["GET"])
@auth_token_required
def get_user_profile(user_id):
header = {
"access_token": request.headers["access_token"],
"token_type": "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return (
Response(json.dumps(response, ensure_ascii=False),
mimetype="application/json"),
response["status"],
header,
)
@app.route("/login_api", methods=["POST"])
def login_api(self):
header = {}
user = UserController()
email = request.json["email"]
password = request.json["password"]
result = user.login(email, password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if result:
if result.active:
result = {
"id": result.id,
"username": result.username,
"email": result.email,
"date_created": result.date_created,
"active": result.active,
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT",
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return (
Response(
json.dumps(response, ensure_ascii=False),
mimetype="application/json",
),
code,
header,
)
return app
def create_app(config):
app = Flask(__name__)
login_manager = LoginManager()
login_manager.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(config)
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'paper'
db = SQLAlchemy(app)
start_views(app, db)
Bootstrap(app)
db.init_app(app)
config.APP = app
@app.after_request
def after_request(response):
# response.header.add('Access-Control-Allow-Origin', '*')
# response.header.add('Access-Control-Allow-Headers', 'Content-Type')
# response.header.add('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE, OPTIONS')
return response
@app.route('/report', methods=['GET', 'POST'])
def report():
state = request.form['state']
disease = request.form['disease']
patients = ctrl.reportByState(state, disease)
return Response(json.dumps(patients, ensure_ascii=False), mimetype='application/json'), 200, {}
@app.route('/', methods=['POST', 'GET'])
@app.route('/login', methods=['POST', 'GET'])
def login():
form = LoginForm(request.form)
if request.method == 'GET':
data = {'status': 200, 'msg': None, 'type': None, 'form': form}
else:
if form.validate():
result = ctrl.login(form.email.data, form.password.data)
if result:
if result.role == 2:
data = {'status': 401, 'msg': 'Seu usuário não tem permissão para acessar o admin', 'type': 2, 'form': form}
else:
login_user(result, remember=True, duration=datetime.timedelta(minutes=5), fresh=True)
return redirect('/admin')
else:
data = {'status': 401, 'msg': 'Dados de usuário incorretos', 'type': 1, 'form': form}
else:
data = {'status': 401, 'msg': 'Formulário inválido', 'type': 1, 'form': form}
return render_template('/login.html', data=data)
@login_manager.user_loader
def load_user(user_id):
return ctrl.getUserById(user_id)
# Tentativa de implementar o logout
@app.route('/logout', methods=['POST', 'GET'])
def logout():
logout_user()
form = LoginForm(request.form)
data = {'status': 200, 'msg': None, 'type': None, 'form': form}
return render_template('/login.html', data=data)
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'paper'
db = SQLAlchemy(config.APP)
Bootstrap(app)
start_views(app, db)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type')
response.headers.add('Access-Control-Allow-Methods',
'GET,PUT,POST,DELETE,OPTIONS')
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(
request.headers['access_token'])
if result['status'] == 200:
return f(*args, **kwargs)
else:
abort(result['status'], result['message'])
except KeyError as e:
abort(401, 'Access Token is required')
return verify_token
@app.route('/')
def index():
return render_template('login.html')
@app.route('/login/', methods=['POST'])
def login():
user = UserController()
email = request.form['email']
password = request.form['password']
result = user.login(email, password)
if result:
return redirect('/admin')
else:
return render_template('login.html',
message="This message came from route")
@app.route('/recovery-password')
def recovery_password():
return 'Here is the recover screen'
@app.route('/recovery-password/', methods=['POST'])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form['email'])
if result:
return render_template('recovery.html',
data={
"status": 200,
"message":
"recovery email has been sent",
})
else:
return render_template('recovery.html',
data={
"status": 401,
"message":
"Fail to send the recovery email"
})
@app.route('/profile/<int:id>/action/<action>')
def profile(id, action):
if action == 'action1':
return f'action choose:{action}'
elif action == 'action2':
return f'action choose:{action}'
else:
return f'Here is the ID:{id} and the action:{action} '
@app.route('/profile/<int:id>', methods=['POST'])
def create_profile():
username = request.form['username']
password = request.form['password']
return f'This route has a put method and will edit the user name to {username} and pass to {password}'
@app.route('/product', methods=['POST'])
def save_products():
product = ProductController()
result = product.save_product(request.form)
if result:
message = "Insert"
else:
message = "Fail"
return message
@app.route('/product', methods=['PUT'])
def update_products():
product = ProductController()
result = product.update_product(request.form)
if result:
message = "Updated"
else:
message = "Fail"
return message
#API endpoints :
@app.route('/products/', methods=['GET'])
@app.route('/products/<limit>', methods=['GET'])
@auth_token_required
def get_products(limit=None):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'], header
@app.route('/product/<product_id>', methods=['GET'])
@auth_token_required
def get_product(product_id):
header = {
"access_token": request.headers['access_token'],
"token_type": "JWT"
}
product = ProductController()
response = product.get_product_by_id(product_id=product_id)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'], header
@app.route('/user/<user_id>', methods=['GET'])
@auth_token_required
def get_user_profile(user_id):
header = {
"access_token": request.headers['access_token'],
"token_type": "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'], header
return app
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
login_manager = LoginManager()
login_manager.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'paper'
db = SQLAlchemy(config.APP)
migrate = Migrate(app, db)
start_views(app,db)
Bootstrap(app)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type')
response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(request.headers['access_token'])
if result['status'] == 200:
return f(*args, **kwargs)
else:
abort(result['status'], result['message'])
except KeyError as e:
abort(401, 'Você precisa enviar um token de acesso')
return verify_token
@app.route('/')
def index():
return 'Meu primeiro run'
@app.route('/login/')
def login():
return render_template('login.html', data={'status': 200, 'msg': None, 'type': None})
@app.route('/login/', methods=['POST'])
def login_post():
user = UserController()
email = request.form['email']
password = request.form['password']
result = user.login(email, password)
if result:
if result.role == 4:
return render_template('login.html', data={'status': 401, 'msg': 'Seu usuário não tem permissão para acessar o admin', 'type':2})
else:
login_user(result)
return redirect('/admin')
else:
return render_template('login.html', data={'status': 401, 'msg': 'Dados de usuário incorretos', 'type': 1})
@app.route('/recovery-password/')
def recovery_password():
# Capítulo 11
return render_template('recovery.html', data={'status': 200, 'msg': None, 'type': None})
@app.route('/recovery-password/', methods=['POST'])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form['email'])
# Capítulo 11 - Alterar parâmetros
if result['status_code'] == 200 or result['status_code'] == 202:
return render_template('recovery.html', data={'status': result['status_code'], 'msg': 'Você receberá um e-mail em sua caixa para alteração de senha.', 'type': 3})
else:
return render_template('recovery.html', data={'status': result['status_code'], 'msg': result['body'], 'type': 1})
@app.route('/new-password/<recovery_code>')
def new_password(recovery_code):
user = UserController()
result = user.verify_auth_token(recovery_code)
if result['status'] == 200:
res = user.get_user_by_recovery(str(recovery_code))
if res is not None:
return render_template('new_password.html', data={'status': result['status'], 'msg': None, 'type': None, 'user_id': res.id})
else:
return render_template('recovery.html', data={'status': 400, 'msg': 'Erro ao tentar acessar os dados do usuário. Tente novamente mais tarde.', 'type': 1})
else:
return render_template('recovery.html', data={'status': result['status'], 'msg': 'Token expirado ou inválido, solicite novamente a alteração de senha', 'type': 1})
@app.route('/new-password/', methods=['POST'])
def send_new_password():
user = UserController()
user_id = request.form['user_id']
password = request.form['password']
result = user.new_password(user_id, password)
if result:
return render_template('login.html', data={'status': 200, 'msg': 'Senha alterada com sucesso!', 'type': 3, 'user_id': user_id})
else:
return render_template('new_password.html', data={'status': 401, 'msg': 'Erro ao alterar senha.', 'type': 1, 'user_id': user_id})
@app.route('/products/', methods=['GET'])
@app.route('/products/<limit>', methods=['GET'])
@auth_token_required
def get_products(limit=None):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/product/<product_id>', methods=['GET'])
@auth_token_required
def get_product(product_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
product = ProductController()
response = product.get_product_by_id(product_id = product_id)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/user/<user_id>', methods=['GET'])
@auth_token_required
def get_user_profile(user_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/login_api/', methods=['POST'])
def login_api():
header = {}
user = UserController()
email = request.json['email']
password = request.json['password']
result = user.login(email, password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if result:
if result.active:
result = {
'id': result.id,
'username': result.username,
'email': result.email,
'date_created': result.date_created,
'active': result.active
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT"
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), code, header
@app.route('/logout')
def logout_send():
logout_user()
return render_template('login.html', data={'status': 200, 'msg': 'Usuário deslogado com sucesso!', 'type':3})
@login_manager.user_loader
def load_user(user_id):
user = UserController()
return user.get_admin_login(user_id)
return app
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
login_manager = LoginManager()
login_manager.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'flatly'
db = SQLAlchemy(config.APP)
start_views(app, db)
Bootstrap(app)
db.init_app(app)
@app.route("/")
def index():
return render_template('base.html')
@app.route('/login/')
def login():
return render_template('login.html',
data={
'status': 200,
'msg': None,
'type': None
})
@app.route('/login/', methods=['POST'])
def login_post():
user = UserController()
email = request.form['email']
password = request.form['password']
result = user.login(email, password)
if result:
if result.role == 3:
return render_template(
'login.html',
data={
'status': 401,
'msg':
'Seu usuário não tem permissão para acessar o admin',
'type': 2
})
else:
login_user(result)
return redirect('/admin')
else:
return render_template('login.html',
data={
'status': 401,
'msg': 'Dados de usuário incorretos',
'type': 1
})
@app.route('/recupere-senha')
def recovery_password():
return 'Recuperação de Senha'
@app.route('/recupere-senha', methods=['Post'])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form['email'])
if result:
return render_template(
'recovery.html',
data={
'status': 200,
'msg': 'E-mail de confirmação enviado com sucesso'
})
else:
return render_template('recovery.hmtl',
data={
'status':
401,
'msg':
'Erro ao enviar e-mail de confirmação'
})
@app.route('/cadastro/', methods=['GET', 'POST'])
def cadastro_salvar():
"""
Função para salvar os dados do formulário no banco de dados.
Caso envie dados, o sistesma guarda a data atual e o tipo de registro
que há no formulário. Em seguida faz uma pesquisa na tabela 'Documents'
no banco de dados. Próximo passo aciona a função 'get_count' que se
encontra na model Documentos.py e soma mais 1 para ter a número atual
incluindo o novo registro. Ao validadr o formulário, ele salva no banco
os dados do formulários equivalentes ao campo. O campo 'num_reg', chama
a função 'cont_reg', localizada em static/cadastro.py para transformar
os dados obtidos e guardados em 'data_created' e 'n_rows' no formato
string utilizado como númeração padrão: 00X/aaaa (ex: 001/2021)
"""
form = FormCadastro()
if request.method == 'POST':
date_created = datetime.now()
tipo = form.tipo_reg.data.name
q = db.session.query(Documents).filter(Documents.type == tipo)
n_rows = get_count(q) + 1
if form.validate_on_submit():
doc = Documents(num_reg=cont_reg(date_created, n_rows),
objeto=form.objeto.data,
origen=form.origem.data,
destiny=form.destino.data,
date_created=form.date_criacao.data,
requester=form.solicitante.data,
creator=form.criador.data,
type=form.tipo_reg.data)
db.session.add(doc)
db.session.commit()
flash('Sucesso ao gravar')
return render_template('base.html')
return render_template('cadastro.html', form=form)
@app.route('/destino/<get_destino>', methods=['GET'])
def destino_opcoes(get_destino):
destinos = Department.query.filter_by(tipo=get_destino).all()
destinos_conj = []
for destino in destinos:
destinobj = {}
destinobj['id'] = destino.id
destinobj['name'] = destino.name
destinobj['tipo'] = destino.tipo
destinobj['description'] = destino.description
destinos_conj.append(destinobj)
return jsonify({'destinos': destinos_conj})
@app.route('/documents', methods=['POST', 'GET'])
def save_documents():
document = DocumentController
result = document.save_document(request.form)
if result:
message = 'Editado'
else:
message = "Não editado"
return message
@app.route('/documents', methods=['PUT'])
def update_documents():
document = DocumentController
result = document.update_document(request.form)
if result:
message = 'Editado'
else:
message = "Não editado"
return message
@app.route('/documents/', methods=['GET'])
@app.route('/documents/<limit>', methods=['GET'])
def get_documents(limit=None):
header = {}
documents = DocumentController()
response = documents.get_documents(limit=limit)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'], header
@app.route('/documents/<documents_id>', methods=['GET'])
def get_document(doc_id):
header = {}
documents = DocumentController()
response = documents.get_documents_by_id(documents_id=doc_id)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'], header
@app.route('/user/<user_id>', methods=['GET'])
def get_user_profile(user_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "jwt"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(
json.dumps(response, ensure_ascii=False),
mimetype='application/json'), response['status'], header
@app.route('/login_api/', methods=['POST'])
def login_api():
header = {}
user = UserController()
email = request.json['email']
password = request.json['password']
result = user.login(email, password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if result:
if result.active:
result = {
'id': result.id,
'username': result.username,
'email': result.email,
'date_created': result.date_created,
'active': result.active
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT"
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json'), code, header
@app.route('/logout')
def logout_send():
logout_user()
return render_template('login.html',
data={
'status': 200,
'msg': 'Usuário deslogado com sucesso',
'type': 3
})
@login_manager.user_loader
def loader(user_id):
user = UserController()
return user.get_admin_login(user_id)
return app
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
# database
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
db = SQLAlchemy(config.APP)
# start admin
app.config['FLASK_ADMIN_SWATCH'] = 'united'
start_views(app, db)
db.init_app(app)
@app.route('/')
def index():
return 'Hello World'
@app.route('/login')
def login():
return 'tela de login'
@app.route('/login', methods=['POST'])
def login_post():
user = UserController()
email = request.form['email']
password = request.form['password']
login_response = user.login(email, password)
if login_response:
return redirect('/admin')
else:
return render_template('login.html',
data={
'status': 401,
'message':
'Dados de usuário incorretos',
'type': None
})
@app.route('/recovery-passowrd')
def recovery_password():
return 'recovery password'
@app.route('/recovery-password', methods=['POST'])
def recovery_password_post():
user = UserController()
email = request.form['email']
recovery_response = user.recovery(email)
return render_template(
'recovery.html',
data={
'status':
200,
'message':
'Se o e-mail informado estiver correto o e-mail de recuperção foi enviado. Confira o SPAM'
})
return app
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
login_manage = LoginManager()
login_manage.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(app_config[app_active])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLACHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'superhero'
db = SQLAlchemy(config.APP)
start_views(app, db)
Bootstrap(app)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type')
response.headers.add('Access-Control-Allow-Methods',
'GET, PUT, POST, DELETE, OPTIONS')
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(
request.headers['access_token'])
if result['status'] == 200:
return f(*args, **kwargs)
else:
abort(result['status'], result['message'])
except KeyError as e:
abort(401, 'Você precisa enviar um token de acesso')
return verify_token
@app.route('/')
def index():
return "Flask app runing..."
@app.route('/login/')
def login():
return render_template('login.html',
data={
'status': 200,
'msg': None,
'type': None
})
@app.route('/login/', methods=['POST'])
def login_post():
user_controller = UserController()
email = request.form['email']
password = request.form['password']
result = user_controller.login(email, password)
if result:
if result.role == 2:
return render_template(
'login.html',
data={
'status': 401,
'msg':
'Seu usuário não tem permissão para acessar o admin',
'type': 2
})
else:
login_user(result)
return redirect('/admin')
else:
return render_template('login.html',
data={
'status': 401,
'msg': 'Dados de usuário incorretos',
'type': 1
})
@app.route('/recovery-password/')
def recovery_password():
return 'Tela de recuperar a senha'
@app.route('/recovery-password/', methods=['POST'])
def send_recovery_password():
user_controller = UserController()
result = user_controller.recovery(request.form['email'])
if result:
return render_template(
'recovery.html',
data={
'status': 200,
'msg': 'E-mail de recuperação enviado com sucesso'
})
else:
return render_template('recovery.html',
data={
'status':
401,
'msg':
'Erro ao enviar e-mail de recuperação'
})
@app.route('/product/', methods=['POST'])
def save_products():
product_controller = ProductController()
result = product_controller.save_product(request.form)
if result:
return 'Inserido'
else:
return 'Não inserido'
@app.route('/product/', methods=['PUT'])
def update_products():
product = ProductController()
result = product.update_product(request.form)
if result:
return 'Editado'
else:
return 'Não editado'
@app.route('/product/<int:id>', methods=['DELETE'])
def delete_product(id):
product = ProductController()
result = product.delete_product(id)
if result:
return 'Deletado'
else:
return 'Não deletado'
@app.route('/products/', methods=['GET'])
@app.route('/products/<limit>', methods=['GET'])
@auth_token_required
def products(limit=None):
header = {
'access_token': request.headers['access_token'],
'token_type': 'JWT'
}
product_controller = ProductController()
response = product_controller.get_products(limit)
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json',
status=response['status'],
headers=header)
@app.route('/product/<product_id>', methods=['GET'])
@auth_token_required
def get_product(product_id):
header = {
'access_token': request.headers['access_token'],
'token_type': 'JWT'
}
product_controller = ProductController()
response = product_controller.get_product_by_id(product_id)
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json',
status=response['status'],
headers=header)
@app.route('/user/<user_id>', methods=['GET'])
@auth_token_required
def get_user(user_id):
header = {
'access_token': request.headers['access_token'],
'token_type': 'JWT'
}
user_controller = UserController()
response = user_controller.get_user_by_id(user_id)
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json',
status=response['status'],
headers=header)
@app.route('/login_api', methods=['POST'])
def login_api():
header = {}
user_controller = UserController()
email = request.json['email']
password = request.json['password']
result = user_controller.login(email, password)
code = 401
response = {'message': 'Usuário não autorizado', 'result': []}
if result:
if result.active:
result = {
'id': result.id,
'username': result.username,
'email': result.email,
'date_created': result.date_created,
'active': result.active
}
header = {
'access_token':
user_controller.generate_auth_token(result),
'token_type': 'JWT'
}
code = 200
response['message'] = 'Login realizado com sucesso'
response['result'] = result
return Response(json.dumps(response, ensure_ascii=False),
mimetype='application/json',
status=code,
headers=header)
@app.route('/logout')
def logout_send():
logout_user()
return render_template('login.html',
data={
'status': 200,
'msg': 'Usuário deslogado com sucesso',
'type': 3
})
@login_manage.user_loader
def load_user(user_id):
user = UserController()
return user.get_admin_login(user_id)
return app
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
login_manager = LoginManager()
login_manager.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'paper'
db = SQLAlchemy(config.APP)
"""adicionando a linha a seguir do start_view"""
start_views(app, db)
Bootstrap(app)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type')
response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(request.headers['access_token'])
if result['status'] == 200:
return f(*args, **kwargs)
else:
abort(result['status'], result['message'])
except KeyError as e:
abort(401, 'Você precisa enviar um token de acesso')
return verify_token
@app.route('/')
def index():
return 'Hello World!'
@app.route('/login/')
def login():
return render_template('login.html', data={'status': 200, 'msg': None, 'type': None})
@app.route('/login/', methods=['POST'])
def login_post():
user = UserController()
email = request.form['email']
password = request.form['password']
result = user.login(email, password)
if result:
if result.role == 4:
return render_template('login.html', data={'status': 401, 'msg': 'Seu usuário '
'não tem permissão para acessar o admin', 'type':2})
else:
login_user(result)
return redirect('/admin')
else:
return render_template('login.html', data={'status':401, 'msg': 'Dados de usuário incorretos', 'type': None})
@app.route('/recovery-password/')
def recovery_password():
return 'aqui entraá a tela de recuperar senha'
@app.route('/recovery-password', methods=['POST'])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form['email'])
if result:
return render_template('recovery.html', data={'status':200, 'msg': 'E-mail de recuperação enviado com sucesso'})
else:
return render_template('recovery.html', data={'status': 401, 'msg':'Erro ao enviar e-mail de recuperação'})
@app.route('/profile/<int:id>/action/<action>/')
def profile(id, action):
if action == 'action1':
return 'Ação action1 usuário ID %d' % id
elif action == 'action2':
return 'Ação action2 usuário ID %d' % id
elif action == 'action3':
return 'Ação action3 usuário ID %d' % id
@app.route('/profile', methods=['POST'])
def create_profile():
username = request.form['username']
password = request.form['password']
return 'Essa rota possui um POST e criará um usuário com os dados de usuário %s e senha %s' % (username, password)
@app.route('/profile/<int:id>', methods=['PUT'])
def edit_total_profile(id):
username = request.form['username']
password = request.form['password']
return 'Essa rota possui um PUT e editará o nome do usuário para %s e a senha para %s ' % (username. password)
@app.route('/product', methods=['POST'])
def save_products():
product = ProductController()
result = product.save_product(request.form)
if result:
message = "Inserido"
else:
message = 'Não Inserido'
return message
@app.route('/product', methods=['PUT'])
def update_products():
product = ProductController()
result = product.update_product(request.form)
if result:
message = "Editado"
else:
message = 'Não Editado'
return message
@app.route('/products/', methods=['GET'])
@app.route('/products/<limit>', methods=['GET'])
@auth_token_required
def get_products(limit=None):
header = {
# 'access_token': request.headers['access_token'],
# "token_type": "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/product/<product_id>', methods=['GET'])
@auth_token_required
def get_product(product_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
product =ProductController()
response = product.get_product_by_id(product_id=product_id)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/user/<user_id>', methods=['GET'])
@auth_token_required
def get_user_profile(user_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/login_api/', methods=['POST'])
def login_api():
header = {}
user = UserController()
email = request.json['email']
password = request.json['password']
result = user.login(email, password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if result:
if result.active:
result = {
'id': result.id,
'username': result.username,
'email': result.email,
'date_created': result.date_created,
'active': result.active
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT"
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), code, header
return app
