passwordManager/app.py at master · baxter-cs/passwordManager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
from flask import Flask, request, jsonify, make_response, abort, Response, url_for
import db_functions
import util
import exceptions
import json


app = Flask(__name__)

public_address = json.load(open(util.path_to_this_files_directory() + 'settings.json')).get('public_address', '')


def home_cor(obj):
	return_response = make_response(obj)
	return_response.headers['Access-Control-Allow-Origin'] = "*"
	return_response.headers['Access-Control-Allow-Methods'] = 'POST,GET,OPTIONS,PUT,DELETE'
	return_response.headers['Access-Control-Allow-Headers'] = "Content-Type, Access-Control-Allow-Origin, Accept"
	return return_response


@app.errorhandler(401)
def http_401(message=''):
	if message == '':
		return home_cor(Response('Invalid Credentials', 401, {'Erebus': 'error="Invalid Credentials"'}))
	else:
		return home_cor(Response(message, 401))


@app.route('/', methods=['OPTIONS', 'GET'])
def root():
	if request.method == 'GET':
		response = {
			'endpoints': {
				'account': public_address + url_for('account')
			}
		}
		return home_cor(jsonify(**response))
	else:
		return home_cor(jsonify(**{}))


@app.route('/account', methods=['OPTIONS', 'GET'])
def account():
	if request.method == 'GET':
		response = {
			'endpoints': {
				'create': public_address + url_for('account_create'),
				'login': public_address + url_for('account_login')
			}
		}
		return home_cor(jsonify(**response))
	else:
		return home_cor(jsonify(**{}))


@app.route('/account/create', methods=['OPTIONS', 'GET'])
def account_create():
	response = dict()

	if request.method == 'OPTIONS':
		return home_cor(jsonify(**response))
	elif request.method == 'GET':
		username = request.args.get('username', '')
		password = request.args.get('password', '')

		try:
			uid = db_functions.create_user(username, password)
			response['Success'] = True
			response['uid'] = uid
			return home_cor(jsonify(**response))
		except exceptions.UsernameTakenException:
			response['Success'] = False
			response['reason'] = 'Username Taken'
			return home_cor(jsonify(**response))


@app.route('/account/login', methods=['POST', 'OPTIONS', 'GET'])
def account_login():
	response = dict()

	if request.method == 'OPTIONS':
		return home_cor(jsonify(**response))
	elif request.method == 'GET':
		username = request.args.get('username', '')
		password = request.args.get('password', '')
		aid = db_functions.login(username, password)
		response['valid_aid'] = aid[0]
		response['aid'] = aid[1]
		return home_cor(jsonify(**response))
	elif request.method == 'POST':
		data = request.json
		if data is not None:
			username = data.get('username', None)
			password = data.get('password', None)
			if username is not None and password is not None:
				db_response = db_functions.login(username, password)
				if db_response[0]:
					response['status'] = 'Success'
					response['uid'] = db_response[1]
					return home_cor(jsonify(**response))
		return http_401()

app.run(debug=True, host='0.0.0.0', port=1234)