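def decorated(*args, **kwargs):
    """Authenticate an administrator from the ``token`` request header.

    The header value is verified as a JWT signed with the application's
    ``SECRET_KEY``. The ``admin`` claim is only used to look the consumer
    up again through ``api``; the admin roles handed to the wrapped
    function are the ones ``api.getAdminroles`` returns at request time,
    not whatever the token carries.

    Raises:
        exc.TokenMissing: no ``token`` header was sent.
        exc.TokenInvalid: the token failed verification (malformed, bad
            signature, expired, ...).
        exc.NotAuthorized: the token has no usable ``admin`` claim or the
            consumer holds no admin role.
    """
    try:
        token = request.headers['token']
    except KeyError:
        raise exc.TokenMissing

    try:
        # Pin the accepted algorithm instead of leaving the choice to the
        # token's own header. HS256 is PyJWT's default for jwt.encode(),
        # which is what login() relies on when it issues tokens.
        data = jwt.decode(
            token, app.config['SECRET_KEY'], algorithms=['HS256'])
    except jwt.exceptions.InvalidTokenError:
        # InvalidTokenError is the base class of DecodeError and also
        # covers ExpiredSignatureError, so an expired token is rejected as
        # invalid instead of escaping as an unhandled exception.
        raise exc.TokenInvalid

    try:
        claimed_admin = data['admin']
        admin = api.get_consumer(claimed_admin['id'])
        adminroles = api.getAdminroles(admin)
    except KeyError:
        # Tokens issued under the 'consumer' key have no 'admin' claim.
        raise exc.NotAuthorized

    if not adminroles:
        raise exc.NotAuthorized

    admin = validation.to_dict(admin)
    # Expose only the department ids of the roles to the wrapped function.
    admin['adminroles'] = [role.department_id for role in adminroles]
    return f(admin, *args, **kwargs)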
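def get_activityfeedback(self, activity_id, list_all=False):
    """Collect the feedback on one activity, keyed by consumer id.

    Args:
        activity_id: id of the activity; always passed to the database as
            a bound parameter.
        list_all: when true, every consumer maps to a list of all of its
            feedback rows (as dicts); otherwise every consumer maps to a
            single ``feedback`` value, or ``None`` when no row exists.

    Returns:
        dict with one entry per consumer from ``self.list_consumers()``.
    """
    consumers = self.list_consumers()
    cur = self.con.cursor()
    cur.row_factory = factory(models.Activityfeedback)

    feedback = {}
    for consumer in consumers:
        feedback[consumer.id] = [] if list_all else None

    # The table name is read from the model class in both branches; the
    # only per-call value, the activity id, is never formatted into the
    # statement but bound through the '?' placeholder.
    table = models.Activityfeedback._tablename
    if list_all:
        query = 'SELECT * FROM {} WHERE activity_id=?;'.format(table)
    else:
        # NOTE(review): SELECT * combined with GROUP BY does not pin down
        # which row is returned per consumer -- confirm that the row the
        # database picks is the intended one.
        query = ('SELECT * FROM {} WHERE activity_id=? '
                 'GROUP BY consumer_id;').format(table)

    cur.execute(query, (activity_id, ))
    rows = cur.fetchall()

    if list_all:
        for row in rows:
            feedback[row.consumer_id].append(validation.to_dict(row))
    else:
        for row in rows:
            feedback[row.consumer_id] = row.feedback

    return feedback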
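def login():
    """Check an email/password pair and issue a JWT valid for 30 minutes.

    The request body must contain ``email`` and ``password``. On success
    the response carries ``result`` and ``token``; the token payload holds
    the consumer record under the key ``'admin'`` when the consumer has
    admin roles and under ``'consumer'`` otherwise.

    Raises:
        exc.MissingData: ``email`` or ``password`` is absent from the body.
        exc.ConsumerNeedsCredentials: the consumer has no credentials set.
        exc.NotAuthorized: the password does not match the stored hash.
    """
    try:
        json_data = json_body()
        email = json_data['email']
        password = json_data['password']
    except KeyError:
        raise exc.MissingData

    # Get consumer via email address. If this fails, ObjectNotFound gets
    # raised.
    # NOTE(review): an unknown email, an account without credentials and a
    # wrong password each raise a different exception. If those end up as
    # distinguishable responses, the endpoint reveals which addresses are
    # registered -- confirm how the error handlers render them.
    consumer = validation.to_dict(api.get_consumer_by_email(email))

    if not consumer['hasCredentials']:
        raise exc.ConsumerNeedsCredentials

    if not bcrypt.check_password_hash(consumer['password'], password):
        raise exc.NotAuthorized

    # Check if the consumer has administrator rights.
    adminroles = api.getAdminroles(api.get_consumer(consumer['id']))
    if not adminroles:
        _type = 'consumer'
    else:
        _type = 'admin'
        consumer['adminroles'] = list(map(validation.to_dict, adminroles))
        for role in consumer['adminroles']:
            # Stored as text so the payload can be serialised.
            role['timestamp'] = str(role['timestamp'])

    # A JWT payload is signed, not encrypted: whatever stays in ``consumer``
    # can be read by anyone holding the token, so the password hash is
    # removed before encoding.
    del consumer['password']

    # PyJWT interprets a naive datetime in 'exp' as UTC. Building it from
    # local time would shift the 30-minute lifetime by the server's UTC
    # offset, so the expiry is computed from UTC.
    exp = datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
    # HS256 is the library default; it is spelled out so the signing side
    # states the algorithm explicitly.
    token = jwt.encode({_type: consumer, 'exp': exp},
                       app.config['SECRET_KEY'], algorithm='HS256')

    result = {'result': True, 'token': token.decode('UTF-8')}
    return jsonify(result)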
def getActivity(id):
    """Return the activity with the given id as a JSON response."""
    activity = api.get_activity(id)
    payload = validation.to_dict(activity)
    return jsonify(payload)
def getPurchase(id):
    """Return the purchase with the given id as a JSON response."""
    # NOTE(review): no token check is visible on this function in the
    # listing -- confirm at the route registration who may read purchases.
    purchase = api.get_purchase(id)
    payload = validation.to_dict(purchase)
    return jsonify(payload)
def getProduct(id):
    """Return the product with the given id as a JSON response."""
    product = api.get_product(id)
    payload = validation.to_dict(product)
    return jsonify(payload)
def getConsumer(id):
    """Return the consumer with the given id as JSON, minus the password."""
    record = validation.to_dict(api.get_consumer(id))
    # Only the 'password' entry is stripped; every other field of the
    # record is returned as-is.
    record.pop('password', None)
    return jsonify(record)