def student_get_assignment(netid, cid, aid):
    """Render the assignment page for one student (or staff member) of a course.

    Args:
        netid: Identifier of the user whose view is rendered.
        cid: Course identifier.
        aid: Assignment identifier.

    Returns:
        The rendered ``student/assignment.html`` template. The request is
        aborted with 403 when ``netid`` is neither a student nor staff of the
        course.
    """
    # Authorization gate: nothing below runs for users outside the course.
    if not verify_student_or_staff(netid, cid):
        return abort(HTTPStatus.FORBIDDEN)

    course = db.get_course(cid)
    assignment = db.get_assignment(cid, aid)
    past_runs = db.get_assignment_runs_for_student(cid, aid, netid)

    # One timestamp is shared so run and extension accounting agree on "now".
    timestamp = util.now_timestamp()
    runs_left = get_available_runs(cid, aid, netid, timestamp)
    _extensions, extension_runs = get_active_extensions(
        cid, aid, netid, timestamp)

    # The access token is used server-side for the commit lookup only; the
    # user record itself is not passed to the template.
    # NOTE(review): db.get_user() returning None would raise here - confirm
    # that a verified netid always has a user record.
    account = db.get_user(netid)
    latest_commit = get_latest_commit(
        netid, account["access_token"], course["github_org"])

    # Staff are always shown at least one available run.
    if verify_staff(netid, cid):
        runs_left = max(runs_left, 1)

    context = {
        "netid": netid,
        "course": course,
        "assignment": assignment,
        "commit": latest_commit,
        "runs": past_runs,
        "num_available_runs": runs_left,
        "num_extension_runs": extension_runs,
        "tzname": str(TZ),
        "broadway_api_url": BROADWAY_API_URL,
    }
    return render_template("student/assignment.html", **context)
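def wrapper(*arg, **kwargs):
    """Authenticate a request by netid and personal token, then call ``func``.

    The netid is read from the form body and the token from the
    ``Authorization`` header. On success the netid is injected into the
    wrapped call under ``UID_KEY``.

    Returns:
        Whatever ``func`` returns; the request is aborted with 403 when the
        user is unknown, has no usable token, or the token does not match.
    """
    # Function-scope import keeps this block self-contained.
    import hmac

    netid = request.form["netid"]
    token = request.headers["Authorization"]
    user = db.get_user(netid)
    stored_token = None if user is None else user["personal_token"]

    # An unknown user or an account without a string token can never match;
    # reject before comparing so compare_digest only sees comparable values.
    if not isinstance(stored_token, str) or not isinstance(token, str):
        return abort(HTTPStatus.FORBIDDEN)

    # Constant-time comparison: a plain != can leak, through response timing,
    # how many leading characters of a guessed token are correct. Encoding to
    # bytes avoids the TypeError compare_digest raises on non-ASCII str input.
    if not hmac.compare_digest(stored_token.encode("utf-8"),
                               token.encode("utf-8")):
        return abort(HTTPStatus.FORBIDDEN)

    kwargs[UID_KEY] = netid
    return func(*arg, **kwargs)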
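def request_loader(request):
    """Authenticate a request from the ``id`` and ``password`` form fields.

    Args:
        request: The incoming request; only ``request.form`` is read.

    Returns:
        The user object from ``user_loader`` when the submitted password
        matches the stored bcrypt hash, otherwise ``None``.
    """
    user_id = request.form.get('id')
    password = request.form.get('password')

    user = user_loader(user_id)
    # A missing password means "not authenticated", not a server error.
    if user is None or password is None:
        return None

    # Fetch the stored record once; it can vanish between the two lookups.
    record = db.get_user(user_id)
    if record is None:
        return None

    # Never log the submitted password, its hash, or the stored hash: log
    # files are usually readable by far more people and systems than the
    # credential store, and a logged plaintext password cannot be recalled.
    if bcrypt.check_password_hash(record['password'], password):
        logging.debug(f'{user_id} is authenticated')
        return user
    return None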
def get_current_user(token: str = Depends(oauth2_scheme), connection: Connection = Depends(get_db)) -> Optional[Tuple[str]]:
    """Resolve the bearer token to a stored user, or ``None``.

    The token is decoded with ``settings.SECRET_KEY`` and the accepted
    algorithms are restricted to ``settings.ALGORITHM``. The ``sub`` claim is
    taken as the username and looked up through ``get_user``.

    Returns:
        The user returned by ``get_user``, or ``None`` when decoding fails,
        the ``sub`` claim is absent, ``TokenData`` rejects the value, or no
        such user exists.
    """
    # NOTE(review): failure is reported as None rather than by raising, so
    # every caller must treat None as "unauthenticated" and reject the request.
    try:
        claims = jwt.decode(
            token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM]
        )
        subject = claims.get("sub")
        if subject is None:
            return None
        token_data = TokenData(username=subject)
    except Exception:
        # Any decode or validation error is treated as "no user". The broad
        # catch also hides unrelated bugs in this block.
        return None

    account = get_user(connection, username=token_data.username)
    return account if account else None
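def login():
    """Log a user in from a JSON body carrying ``id`` and ``password``.

    Any existing session is logged out first. The password is checked against
    the stored bcrypt hash and, on success, a remembered session is started.

    Returns:
        ``(jsonify('ok'), 200)`` on success, or
        ``(jsonify("invalid credentials"), 401)`` when the body is malformed,
        the user is unknown, or the password does not match.
    """
    logout_user()

    payload = request.get_json()
    user_id = payload.get('id') if isinstance(payload, dict) else None
    password = payload.get('password') if isinstance(payload, dict) else None

    # Missing or non-string credentials are a failed login, not a 500.
    if user_id is None or not isinstance(password, str):
        logging.info("invalid credentials")
        return jsonify("invalid credentials"), 401

    # Log only the identifier, never the submitted password. %r escapes
    # control characters so a crafted id cannot forge extra log lines.
    logging.info('login attempt for %r', user_id)

    # NOTE(review): logout_user() ran above, so this branch looks unreachable
    # in practice - confirm before removing.
    if current_user.is_authenticated:
        logging.info(f'already authenticated as {current_user}')
        return jsonify('ok'), 200

    user = db.get_user(user_id)
    # The same response for "unknown user" and "wrong password" avoids
    # confirming which ids exist.
    # NOTE(review): unknown ids skip the bcrypt check and so answer faster
    # than known ids; consider verifying against a fixed dummy hash so both
    # paths cost the same.
    password_ok = user is not None and bcrypt.check_password_hash(
        user['password'], password)
    if not password_ok:
        logging.info("invalid credentials")
        return jsonify("invalid credentials"), 401

    login_user(User(**user), remember=True)
    return jsonify('ok'), 200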
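def user_loader(id):
    """Load a user by identifier for the session layer.

    Args:
        id: Identifier passed to ``db.get_user``.

    Returns:
        A ``User`` built from the stored record, or ``None`` when no record
        exists.
    """
    user = db.get_user(id)
    # Log only whether the lookup succeeded. The whole record is expanded into
    # User(**user) and may carry credential fields such as a password hash
    # (TODO confirm against the db schema), so it must not reach the logs.
    logging.debug(
        'user loader for %r: %s',
        id,
        'found' if user is not None else 'not found',
    )
    if user is not None:
        return User(**user)
    return None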