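def put(self, public_id):
    """Rotate the public_id and token of the user identified by *public_id*.

    Looks the user up in ``users_tbl``. When no row matches, a message dict
    is returned and nothing is changed. Otherwise a fresh UUID4 public_id
    and a fresh HS256-signed JWT are written to the row and returned
    together with the row's company and active flag.

    Args:
        public_id: Current public identifier of the user to rotate.

    Returns:
        A dict with a ``message`` key; on success it also carries the new
        ``public_id``, ``company``, ``token`` and ``active`` values.
    """
    select_query = users_tbl.select(users_tbl.c.public_id == public_id)
    rows = list(select_query.execute())
    if not rows:
        return ({"message": "no such public_id exists, token not changed"})

    # Row layout read here: index 2 is the company, index 4 the active flag.
    row = rows[0]
    company = row[2]
    active = row[4]

    new_public_id = str(uuid.uuid4())

    # The token has to carry the NEW public_id. The token-checking
    # decorators in this file resolve the caller by the "public_id" claim,
    # so a token signed over the old value would stop resolving as soon as
    # the row is updated below.
    # NOTE(review): the payload has no "exp" claim, so the token does not
    # expire on its own; rotation appears to be the only revocation path.
    encoded = jwt.encode({"public_id": new_public_id},
                         APP_SECRET_KEY,
                         algorithm='HS256')
    # PyJWT 1.x returns bytes here, PyJWT 2.x returns str; accept both.
    if isinstance(encoded, bytes):
        new_token = encoded.decode("UTF-8")
    else:
        new_token = str(encoded)

    update_statement = users_tbl.update().where(
        users_tbl.c.public_id == public_id).values(
            public_id=new_public_id, token=new_token)
    update_statement.execute()

    return ({
        "message": "successfully updated user with new token",
        "public_id": new_public_id,
        "company": company,
        "token": new_token,
        "active": active
    })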
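def post(self, company):
    """Create a user for *company* unless that company name is already taken.

    A new UUID4 public_id and an HS256-signed JWT carrying that public_id
    are generated and inserted into ``users_tbl``.

    Args:
        company: Company name to register.

    Returns:
        ``(dict, 201)`` with the new ``company``, ``public_id`` and ``token``
        on success; a message dict (no explicit status) when the company
        already exists; ``(dict, 500)`` when anything in the lookup, token
        creation or insert raises.
    """
    try:
        # NOTE(review): this check-then-insert is not atomic; two concurrent
        # requests for the same name can both pass it. Confirm the table has
        # a unique constraint on company.
        # NOTE(review): the admin decorator in this file grants access when
        # the company column equals "admin"; confirm this endpoint is
        # restricted or that the name is reserved.
        existing = list(
            users_tbl.select(users_tbl.c.company == company).execute())
        if existing:
            return ({
                "message":
                "company already exists under that name pick a new one"
            })

        public_id = str(uuid.uuid4())
        # NOTE(review): the payload has no "exp" claim, so the issued token
        # does not expire on its own.
        encoded = jwt.encode({"public_id": public_id},
                             APP_SECRET_KEY,
                             algorithm='HS256')
        # PyJWT 1.x returns bytes here, PyJWT 2.x returns str; accept both
        # so that a library upgrade does not turn every request into a 500.
        if isinstance(encoded, bytes):
            token = encoded.decode("UTF-8")
        else:
            token = str(encoded)

        users_tbl.insert().execute(public_id=public_id,
                                   token=token,
                                   company=company)
        return ({
            "message": "successfully created a new user",
            "company": company,
            "public_id": public_id,
            "token": token
        }, 201)
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt. The best-effort 500 response is kept.
        return ({"message": "unable to update database"}, 500)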
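def decorated(*args, **kwargs):
    """Call the wrapped view only when the request token belongs to an admin.

    The token is read from the ``x-access-token`` request header, verified
    as an HS256 JWT, and its ``public_id`` claim is looked up in
    ``users_tbl``. The caller counts as admin when column index 2 of the
    matching row equals ``"admin"``. ``f`` comes from the enclosing scope,
    which is not shown here (presumably the decorated view).

    Returns:
        The wrapped view's result, or a ``(dict, status)`` tuple: 401 for a
        missing, empty, invalid or unknown token, 403 for a non-admin user,
        500 when the user lookup itself fails.
    """
    import logging

    # A missing header is an authentication failure. The original returned
    # this message without a status code, i.e. as a success response.
    if "x-access-token" not in request.headers:
        return ({"message": "x-access-token is missing from header"}, 401)
    token = request.headers["x-access-token"]
    if not token:
        return ({"message": "token is missing"}, 401)

    try:
        # Accept only the algorithm the tokens in this file are issued with.
        # PyJWT 2.x also requires ``algorithms``; without it every token is
        # rejected there.
        # NOTE(review): tokens are signed with APP_SECRET_KEY in post/put;
        # confirm app.config["SECRET_KEY"] holds the same value.
        data = jwt.decode(token,
                          app.config["SECRET_KEY"],
                          algorithms=["HS256"])
        public_id = data['public_id']
    except Exception:
        return ({"message": "token is invalid"}, 401)

    try:
        select_query = users_tbl.select(users_tbl.c.public_id == public_id)
        rows = list(select_query.execute())
    except Exception:
        # Keep the detail in the server log; the original echoed str(e) to
        # the client, which exposes internal error text.
        logging.getLogger(__name__).exception(
            "user lookup failed during admin token check")
        return ({"message": "an error occurred while verifying the token"},
                500)

    # A validly signed token whose public_id no longer exists used to raise
    # IndexError and surface as a 500; treat it as unauthenticated.
    if not rows:
        return ({"message": "public_id not found"}, 401)

    # NOTE(review): admin status is derived from the company column, and the
    # active flag (index 4) is not checked here; confirm both are intended.
    if rows[0][2] != "admin":
        return ({"message": "forbidden not admin"}, 403)

    # Called outside the try blocks so that errors raised by the view are
    # not reported as token or database failures.
    return f(*args, **kwargs)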
def get(self, public_id):
    """Return the stored record for the user identified by *public_id*.

    Args:
        public_id: Public identifier to look up in ``users_tbl``.

    Returns:
        A dict with ``company``, ``public_id``, ``token`` and ``active``
        taken from the first matching row, or a message dict when no row
        matches. No explicit status code is returned in either case.
    """
    lookup = users_tbl.select(users_tbl.c.public_id == public_id)
    matches = list(lookup.execute())

    if not matches:
        return ({"message": "no such public_id exists in the database"})

    # Row layout read here: 1 = public_id, 2 = company, 3 = token,
    # 4 = active.
    # NOTE(review): the response includes the stored token; confirm this
    # route is restricted to callers entitled to see it (no decorator is
    # visible on this method here).
    record = matches[0]
    return ({
        "company": record[2],
        "public_id": record[1],
        "token": record[3],
        "active": record[4]
    })
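def decorated(*args, **kwargs):
    """Call the wrapped view only when the request token maps to an active user.

    The token is read from the ``x-access-token`` request header, verified
    as an HS256 JWT, and its ``public_id`` claim is looked up in
    ``users_tbl``. The view runs only when column index 4 (the active flag)
    of the matching row compares equal to ``True``. ``f`` comes from the
    enclosing scope, which is not shown here (presumably the decorated
    view).

    Returns:
        The wrapped view's result, or a ``(dict, status)`` tuple: 401 for a
        missing, empty, invalid or unknown token and for a user that is not
        activated, 500 when the user lookup itself fails.
    """
    import logging

    # A missing header is an authentication failure. The original returned
    # this message without a status code, i.e. as a success response.
    if "x-access-token" not in request.headers:
        return ({"message": "x-access-token is missing from header"}, 401)
    token = request.headers["x-access-token"]
    if not token:
        return ({"message": "token is missing"}, 401)

    try:
        # Accept only the algorithm the tokens in this file are issued with.
        # PyJWT 2.x also requires ``algorithms``; without it every token is
        # rejected there.
        # NOTE(review): tokens are signed with APP_SECRET_KEY in post/put;
        # confirm app.config["SECRET_KEY"] holds the same value.
        data = jwt.decode(token,
                          app.config["SECRET_KEY"],
                          algorithms=["HS256"])
        public_id = data['public_id']
    except Exception:
        return ({"message": "token is invalid"}, 401)

    try:
        select_query = users_tbl.select(users_tbl.c.public_id == public_id)
        rows = list(select_query.execute())
    except Exception:
        # Was a bare ``except:`` with no trace of the failure; log it and
        # keep the same generic client message.
        logging.getLogger(__name__).exception(
            "user lookup failed during token check")
        return ({
            "message":
            "an error occured and your token may or may not be valid"
        }, 500)

    if not rows:
        return ({"message": "public_id not found"}, 401)

    # Equality with True is kept on purpose: a truthiness test would also
    # accept values such as a non-empty string.
    if rows[0][4] == True:  # noqa: E712
        # Called outside the try blocks so that errors raised by the view
        # are not reported as token or database failures.
        return f(*args, **kwargs)
    return ({"message": "you are not an activated user"}, 401)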