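def post(self):
    """Authenticate a username/password pair and return a signed token.

    Reads the JSON request body, verifies the supplied password against the
    stored hash and, on success, issues a JWT carrying the username and the
    caller's remote address.

    Returns:
        The result of ``AuthModel._construct`` for the new JWT and the
        user's roles.

    Raises:
        HttpAuthenticationException: with the same generic 'Invalid Login'
            message for a malformed body, an unknown username or a wrong
            password, so the response body does not reveal which check
            failed.
    """
    user_data = request.get_json()
    # NOTE(review): behind a reverse proxy remote_addr is presumably the
    # proxy's address unless forwarded headers are configured -- confirm
    # before relying on the ip claim stored in the token.
    ip_address = request.remote_addr

    # Accept only a JSON object carrying both credentials; a JSON list or
    # string would pass a bare ``in`` test and then fail on ``.get``.
    if (not isinstance(user_data, dict)
            or 'username' not in user_data
            or 'password' not in user_data):
        raise HttpAuthenticationException(message='Invalid Login')
    username = user_data.get('username')
    password = user_data.get('password')

    user = AppUserDataAccess().get_user_by_username(username)
    # Unknown account: answer exactly like a wrong password instead of
    # dereferencing a missing record.
    # NOTE(review): this path skips the hash comparison, so its response
    # time may still differ from a wrong-password attempt.
    if user is None:
        raise HttpAuthenticationException(message='Invalid Login')

    auth_obj = Authentication()
    # Fail closed: any falsy result (False or None) counts as a mismatch.
    if not auth_obj.compare_passwords(password, user.password_hash):
        raise HttpAuthenticationException(message='Invalid Login')

    # Roles are read only after the caller has proven the password.
    roles = AppUserDataAccess().get_roles_by_user_id(user.app_user_id)
    auth_jwt = auth_obj.create_jwt(username, ip_address)
    return AuthModel._construct(auth_jwt, roles)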
def get_claim_data_decorator_func(*args, **kwargs):
    """Attach the current user's data for one claim, then call ``func``.

    ``claim_name`` and ``func`` are free variables supplied by the enclosing
    decorator, which is not part of this listing.
    """
    shared = get_key_or_default(kwargs, 'decorator_data', {})
    # Presumably an earlier authentication decorator stored the user id
    # here; a missing key raises KeyError.
    user_id = shared['app_user_id']
    fetched = AppUserDataAccess().get_claim_data_by_user_id(
        user_id, claim_name)
    shared['claim_name'] = claim_name
    shared['claim_data'] = fetched
    # NOTE(review): if get_key_or_default does not remove 'decorator_data'
    # from kwargs, the keyword is passed twice below -- confirm.
    return func(*args, decorator_data=shared, **kwargs)
def put(self, article_id):
    """Apply the JSON request body to an article and return its output model.

    The edited record's owner and, when it has one, its article group are
    loaded and passed to ``ArticleModel._construct_for_output``.
    """
    payload = request.get_json()
    # NOTE(review): the body goes to the data layer unfiltered and no
    # ownership or role check is visible in this method -- confirm that a
    # decorator or edit_article restricts who may edit and which fields
    # (e.g. app_user_id) a client may change.
    updated = ArticleDataAccess().edit_article(article_id, payload)
    author = AppUserDataAccess().get_user_by_id(updated.app_user_id)
    if updated.article_group_id is None:
        group = None
    else:
        group = ArticleGroupDataAccess().get_article_group(
            updated.article_group_id
        )
    return ArticleModel._construct_for_output(updated, author, group)
def post(self):
    """Register a new application user from the JSON request body.

    Returns the constructed user model with ``password_hash`` removed.
    """
    body = request.get_json()
    # Take the clear-text password out of the payload so it is hashed
    # separately and never reaches the model constructor.
    plain_password = body.pop('password', None)
    digest = Authentication().hash_password(plain_password)
    # NOTE(review): a missing password reaches hash_password as None, and
    # the remaining client-supplied keys are splatted into AppUserModel
    # unfiltered -- confirm that privileged fields cannot be set this way.
    new_user = AppUserModel(**body)
    created = AppUserDataAccess().create_user(new_user, digest)
    response = AppUserModel._construct(created)
    # The stored hash must not be echoed back to the client.
    response.pop('password_hash', None)
    return response
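def requires_role_decorator_func(*args, **kwargs):
    """Call ``func`` only if the current user holds a required role.

    ``role_list`` (a comma-separated string of role names) and ``func`` are
    free variables supplied by the enclosing decorator, which is not part of
    this listing.

    Returns:
        Whatever ``func`` returns when at least one of the user's roles is
        in ``role_list``.

    Raises:
        HttpAuthenticationException: 'Access denied' when none of the
            user's roles match, including when the user has no roles.
    """
    decorator_data = get_key_or_default(kwargs, 'decorator_data', {})
    app_user_id = decorator_data['app_user_id']
    # Role names are matched exactly; entries are not trimmed, so a list
    # written as 'a, b' requires a role literally named ' b'.
    role_array = role_list.split(',')
    user_roles = AppUserDataAccess().get_roles_by_user_id(app_user_id) or ()
    # Every role is examined before denying: the previous loop raised on the
    # first non-matching role and fell through (returning None, with no
    # denial raised) when the user had no roles at all.
    if not any(user_role in role_array for user_role in user_roles):
        raise HttpAuthenticationException(message='Access denied')
    return func(*args, decorator_data=decorator_data, **kwargs)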
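def post(self):
    """Create an application user from the JSON body and return its model.

    The returned model has ``password_hash`` removed, matching what the
    registration handler in this file does with the same
    ``AppUserModel._construct`` result.
    """
    app_user_data = request.get_json()
    # Add validation here
    # NOTE(review): until that validation exists, a missing password reaches
    # hash_password as None and every other client-supplied key is splatted
    # into AppUserModel unfiltered.
    # get the password and remove it from the object at the same time
    password = app_user_data.pop('password', None)
    hashed_password = Authentication().hash_password(password)
    app_user = AppUserModel(**app_user_data)
    # Only leave the admin user on when one needs to be created
    result = AppUserDataAccess().create_user(app_user, hashed_password)
    #result = AppUserDataAccess().create_admin_user(app_user, hashed_password)
    model = AppUserModel._construct(result)
    # Never echo the stored hash back in the response.
    model.pop('password_hash', None)
    return model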
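def authenticate_with_jwt(self, jwt_string, ip_address):
    """Resolve a JWT to the application user it was issued for.

    Errors are returned rather than raised, so callers must inspect the
    result before unpacking it.

    Args:
        jwt_string: the encoded token presented by the client.
        ip_address: the caller's current address. It is not compared with
            the address stored in the token; see the note in the body.

    Returns:
        The decoded payload unchanged if it has an ``err`` attribute; an
        ``HttpAuthenticationException`` instance when a required claim is
        missing or the user cannot be found; otherwise the tuple
        ``(jwt_string, app_user_id)``.
    """
    payload = self.decode_jwt(jwt_string)
    if hasattr(payload, 'err'):
        return payload

    username = payload.get('username', None)
    previous_ip = payload.get('ip_address', None)
    token_expiration = payload.get('exp', None)
    # Only the presence of the claims is checked here; expiry enforcement
    # is presumably done inside decode_jwt -- confirm.
    if username is None or previous_ip is None or token_expiration is None:
        return HttpAuthenticationException(
            message='Invalid authentication token format')

    # may want to check the ip address to make sure it hasn't changed
    # NOTE(review): previous_ip is never compared with ip_address, so a
    # token is accepted from any address.
    app_user = AppUserDataAccess().get_user_by_username(username)
    # A still-valid token for an account that no longer exists yields an
    # authentication error instead of an AttributeError on None.
    if app_user is None:
        return HttpAuthenticationException(
            message='Invalid authentication token')
    app_user_id = app_user.app_user_id
    return jwt_string, app_user_id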
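def get(self, username):
    """Return the model for the user with the given username.

    ``password_hash`` is removed from the result, as the registration
    handler in this file does with the same ``AppUserModel._construct``
    output, so a lookup never returns the stored hash.
    """
    app_user = AppUserDataAccess().get_user_by_username(username)
    model = AppUserModel._construct(app_user)
    # _construct's result for an unknown user is not visible here; only
    # strip the hash when there is a model to strip it from.
    if model is not None:
        model.pop('password_hash', None)
    return model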