-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.py
More file actions
executable file
·103 lines (83 loc) · 3 KB
/
app.py
File metadata and controls
executable file
·103 lines (83 loc) · 3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#!/usr/bin/env python3
""" A simple Flask app with authentication features """
from flask import Flask, jsonify, request, abort, redirect
from auth import Auth
app = Flask(__name__)
AUTH = Auth()
@app.route('/', strict_slashes=False)
def index():
""" Return a message """
return jsonify({"message": "Bienvenue"})
@app.route('/users', methods=['POST'], strict_slashes=False)
def users():
""" Register a user """
email = request.form.get('email')
password = request.form.get('password')
try:
AUTH.register_user(email, password)
except ValueError:
return jsonify({"message": "email already registered"}), 400
return jsonify({"email": "{}".format(email), "message": "user created"})
@app.route('/sessions', methods=['POST'], strict_slashes=False)
def login():
""" handle Login Operation """
email = request.form.get('email')
password = request.form.get('password')
if not email or not password:
abort(401)
if not AUTH.valid_login(email, password):
abort(401)
session_id = AUTH.create_session(email)
response = jsonify({"email": "{}".format(email),
"message": "logged in"})
response.set_cookie('session_id', session_id)
return response
@app.route('/sessions', methods=['DELETE'], strict_slashes=False)
def logout():
""" handle Logout Operation """
session_id = request.cookies.get('session_id')
if not session_id:
abort(403)
user = AUTH.get_user_from_session_id(session_id)
if not user:
abort(403)
AUTH.destroy_session(user.id)
return redirect('/')
@app.route('/profile', methods=['GET'], strict_slashes=False)
def profile():
""" get user profile data """
session_id = request.cookies.get('session_id')
if not session_id:
abort(403)
user = AUTH.get_user_from_session_id(session_id)
if not user:
abort(403)
return jsonify({"email": "{}".format(user.email)})
@app.route('/reset_password', methods=['POST'], strict_slashes=False)
def get_reset_password_token():
""" Get reset token for the user with it's email """
email = request.form.get('email')
if not email:
abort(403)
try:
reset_token = AUTH.get_reset_password_token(email)
return jsonify({"email": "{}".format(email),
"reset_token": "{}".format(reset_token)})
except ValueError:
abort(403)
@app.route('/reset_password', methods=['PUT'], strict_slashes=False)
def update_password():
""" Update user password by a valid token """
email = request.form.get('email')
reset_token = request.form.get('reset_token')
new_password = request.form.get('new_password')
if not email or not reset_token or not new_password:
abort(403)
try:
AUTH.update_password(reset_token, new_password)
return jsonify({"email": email,
"message": "Password updated"})
except ValueError:
abort(403)
if __name__ == "__main__":
app.run(host="0.0.0.0", port="5000")