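def login(request, role):
    """Authenticate a JSON username/password POST for the endpoint tied to ``role``.

    Args:
        request: Incoming request object; only ``method`` and ``get_json()`` are used.
        role: Role the account must hold (compared via ``get_name()``) to log in here.

    Returns:
        A ``(response, status)`` tuple: 200 with ``user.object()`` on success,
        400 when the body lacks a usable username/password, 401 for failed
        credentials or a role mismatch, and 200 with a notice for non-POST calls.
    """
    if request.method != 'POST':
        return jsonify(result="Is not a Post method, but returns"), 200

    credential = request.get_json()
    username = credential.get('username') if isinstance(credential, dict) else None
    password = credential.get('password') if isinstance(credential, dict) else None
    if not isinstance(username, str) or not isinstance(password, str):
        # Malformed body: answer 400 instead of failing with a 500 on a KeyError/TypeError.
        return jsonify(result="Missing username or password"), 400

    # Usernames are unique, so the first match is the only possible one.
    # TODO: consider login options with other fields other that username (ex: email)
    user = User.query.filter_by(username=username).first()

    # Unknown user and wrong password share one answer so the endpoint cannot be
    # used to enumerate accounts. The user record is deliberately not printed:
    # the old print(user.object()) crashed on unknown users and wrote account
    # data to stdout.
    # NOTE(review): the hash check is skipped for unknown users, so response
    # timing can still differ; consider verifying against a fixed dummy hash.
    if not user or not check_password_hash(user.password, password):
        return jsonify(result="Invalid username or password"), 401

    # The role is compared only after the password is verified, so an
    # unauthenticated caller cannot probe which role an account holds.
    user_role = Role(user.object()['roles'][0])
    if user_role.get_name() != role.get_name():
        return jsonify(result="User trying to login to unathorized page"), 401

    # A missing "remember" field defaults to a non-persistent session.
    remember = bool(credential.get('remember', False))
    login_user(user, remember)
    # NOTE(review): confirm user.object() omits the password hash before it is
    # returned to the client.
    return jsonify(result=user.object()), 200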
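# Wire the rbac extension to the acting user and to the user/role models.
rbac.set_user_loader(lambda: current_user)
rbac.set_user_model(User)
rbac.set_role_model(Role)

# Session-based login handling; unauthenticated users are sent to /login.
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = '/login'


@login_manager.user_loader
def load_user(user_id):
    """Return the user for the id stored in the session, or None if it is unusable.

    A non-numeric or missing id yields None (treated as "no such user") rather
    than raising, so a stale or malformed session value does not produce a 500.
    """
    try:
        numeric_id = int(user_id)
    except (TypeError, ValueError):
        return None
    return User.query.get(numeric_id)


# Initial role for RBAC to work
start = Role('DUMMY')
rbacDummy = User(roles=[start])
# To use this variable write global before the name in the methods
# login_manager.anonymous_user = rbacDummy

# Blueprints to import. Need to be after rbac
from RumboEx.Blueprints.logins import logins
from RumboEx.Blueprints.tasks import tasks
from RumboEx.Blueprints.courses import courses
from RumboEx.Blueprints.student_page import student_page
from RumboEx.Blueprints.appointments import appointments
from RumboEx.Blueprints.users import users

# Register blueprints
app.register_blueprint(logins)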
def professorlogin():
    """Run the shared login flow, requiring the 'professor' role."""
    required_role = Role('professor')
    return login(request, required_role)
def advisorlogin():
    """Run the shared login flow, requiring the 'advisor' role."""
    required_role = Role('advisor')
    return login(request, required_role)
def mentorlogin():
    """Run the shared login flow, requiring the 'mentor' role."""
    required_role = Role('mentor')
    return login(request, required_role)
def psychologistlogin():
    """Run the shared login flow, requiring the 'psychologist' role."""
    required_role = Role('psychologist')
    return login(request, required_role)
def counselorlogin():
    """Run the shared login flow, requiring the 'counselor' role."""
    required_role = Role('counselor')
    return login(request, required_role)
def studentlogin():
    """Run the shared login flow, requiring the 'student' role."""
    required_role = Role('student')
    return login(request, required_role)
def adminlogin():
    """Run the shared login flow, requiring the 'admin' role."""
    required_role = Role('admin')
    return login(request, required_role)