def post(self):
if request.authorization is None:
return {"errors": {"detail": "Basic auth header missing"}}, 400
username = request.authorization.get("username")
password = request.authorization.get("password")
LOGGER.debug({username: password})
user = User.query.filter_by(username=username).first()
if user is not None:
try:
if bcrypt.checkpw(password.encode("utf8"), user.pw_hash):
payload = {
"sub": username,
"is_admin": user.is_admin,
"is_mod": user.is_mod,
"iat": int(time.time()),
}
token = jwt.encode(payload, SECRET_KEY, algorithm="HS256")
LOGGER.debug({"Token": token})
return {
"data": {
"access_token": token.decode("utf-8")
}
}, 200
except Exception as e:
LOGGER.error({"Exception": e})
return {"errors": {"detail": "server error"}}, 500
return {"errors": {"detail": "Invalid Credentials"}}, 403
def get(self, jwt_payload=None):
"""Get list of all users."""
LOGGER.debug({"JWT payload": jwt_payload})
user_filter = {}
users = User.get_all()
users_json = [res.to_json() for res in users]
return Success({"users": users_json}).to_json(), 200
def get(self):
username = request.authorization.get("username")
LOGGER.debug({"username": username})
password = request.authorization.get("password")
LOGGER.debug({"password": password})
if username in USERS and password == USERS[username]:
return {"message": "Authenticated"}, 200
return {"message": "Invalid Credentials"}, 403
def get(self, username, jwt_payload=None):
"""Get info on a user.
Args:
username: Username to lookup.
"""
LOGGER.debug({"Requested user": username})
user = User.get_user(username)
if user is not None:
user_json = user.to_json()
return Success(user_json).to_json(), 200
return Fail(f"user {username} not found").to_json(), 404
def get(self, topicName):
"""Get info on a topic
Args:
topicName: Topic to lookup
"""
LOGGER.debug({"Requested Topic": topicName})
topic = Topic.get_topic(topicName)
if topic is not None:
topic_json = topic.to_json(posts=True)
return Success({"topic": topic_json}).to_json(), 200
return Fail(f"topic {topicName} not found").to_json(), 404
def get(self, post_id, jwt_payload=None):
"""Get info on a specific post.
Args:
post_id: UUID of the post to lookup.
"""
if not validate_uuid(post_id):
return Fail("invalid post ID").to_json(), 400
LOGGER.debug({"Requested Post": post_id})
post = Post.get_post(post_id)
if post is not None:
return Success({"post": post.to_json()}).to_json(), 200
return Fail(f"post with ID {post_id} not found").to_json(), 404
def get(self, reply_id, jwt_payload=None):
"""Get info on a specific reply.
Args:
reply_id: UUID of the post to lookup.
"""
if not validate_uuid(reply_id):
return Fail("invalid reply ID").to_json(), 400
LOGGER.debug({"Requested reply": reply_id})
reply = Reply.get_reply(reply_id)
if reply is not None:
return Success({"reply": reply.to_json()}).to_json(), 200
return Fail(f"post with ID {reply_id} not found").to_json(), 404
def decorated_function(*args, **kwargs):
try:
token = request.headers.get("authorization").split(" ")[1]
LOGGER.debug({"Token": token})
decoded = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
LOGGER.debug({"Decoded": decoded})
except Exception as e:
LOGGER.debug({"Message": str(e)})
return Fail("Invalid or missing JWT").to_json(), 401
return f(jwt_payload=JWTPayload(decoded), *args, **kwargs)