Skip to content

Commit

Permalink
Worked some more
Browse files Browse the repository at this point in the history
  • Loading branch information
@Chelsea486MHz
Chelsea486MHz committed Jan 1, 2024
1 parent 3a5d311 commit d2855cb
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 38 deletions.
2 changes: 2 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
*/__pycache__
*/.venv
70 changes: 33 additions & 37 deletions auth/app.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ class Token(db.Model):
id = db.Column(db.Integer, primary_key=True)
token = db.Column(db.String(48), unique=True, nullable=False)
type = db.Column(db.Integer) # 0 = compute, 1 = manager, 2 = user
creation_date = db.Column(db.DateTime, nullable=False)
expiration_date = db.Column(db.DateTime, nullable=False)
revoked = db.Column(db.Boolean, nullable=False)

Expand All @@ -41,7 +40,7 @@ def authenticate(request, type='any'):
elif token.revoked:
# Token has been revoked
return False
elif token.expiration_date < datetime.datetime.now():
elif token.expiration_date < datetime.now():
# Token has expired
return False
else:
Expand All @@ -51,42 +50,43 @@ def authenticate(request, type='any'):

@app.route('/api/common/version', methods=['POST'])
def api_common_version():
if not authenticate(request):
return '{failure}', 401
return response
with app.app_context():
if not authenticate(request):
return jsonify({'error': True}), 401
return jsonify({'version': os.environ.get('VERSION')}), 200


@app.route('/api/common/type', methods=['POST'])
def api_common_type():
if not authenticate(request):
return '{failure}', 401
return response
with app.app_context():
if not authenticate(request):
return jsonify({'error': True}), 401
return jsonify({'version': os.environ.get('TYPE')}), 200


@app.route('/api/token/create', methods=['POST'])
def api_token_create():

# Check for required fields
if not request.json:
return '{failure}', 400
return jsonify({'error': True}), 400
elif not request.json.get('type'):
return '{failure}', 400
return jsonify({'error': True}), 400
elif not request.json.get('expiration_date'):
return '{failure}', 400
return jsonify({'error': True}), 400

# Check for correct data types
if not isinstance(request.json.get('type'), str):
return '{failure}', 400
return jsonify({'error': True}), 400
elif not isinstance(request.json.get('expiration_date'), str):
return '{failure}', 400
return jsonify({'error': True}), 400

# Check for valid token length
if len(request.json.get('token')) != 48:
return '{failure}', 400
return jsonify({'error': True}), 400

# Authenticate the request
if not authenticate(request, 'user'):
return '{failure}', 401
return jsonify({'error': True}), 401

# Extract information from the request
expiration_date = request.json.get('expiration_date')
Expand All @@ -101,7 +101,7 @@ def api_token_create():
elif request.json.get('type') == 'user':
token_type_integer = 2
else:
return '{failure}', 400
return jsonify({'error': True}), 400

# Create a new Token entry in the database
new_token = Token(token=hashed_token,
Expand All @@ -112,28 +112,28 @@ def api_token_create():
db.session.add(new_token)
db.session.commit()

return '{success}'
return jsonify({"token": token_to_create}), 201


@app.route('/api/token/revoke', methods=['POST'])
def api_token_revoke():
# Check for required fields
if not request.json:
return '{failure}', 400
return jsonify({'error': True}), 400
elif not request.json.get('token'):
return '{failure}', 400
return jsonify({'error': True}), 400

# Check for correct data types
if not isinstance(request.json.get('token'), str):
return '{failure}', 400
return jsonify({'error': True}), 400

# Check for valid token length
if len(request.json.get('token')) != 48:
return '{failure}', 400
return jsonify({'error': True}), 400

# Authenticate the request
if not authenticate(request, 'user'):
return '{failure}', 401
return jsonify({'error': True}), 401

# Extract information from the request
token_to_revoke = request.json.get('token')
Expand All @@ -142,41 +142,41 @@ def api_token_revoke():
# Find the token in the database
token = Token.query.filter_by(token=hashed_token).first()
if not token:
return '{failure}', 400
return jsonify({'error': True}), 400

# Revoke the token
token.revoked = True
db.session.commit()

return '{success}'
return jsonify({'success': True}), 200


@app.route('/api/token/authenticate', methods=['POST'])
def api_token_authenticate():
# Check for required fields
if not request.json:
return '{failure}', 400
return jsonify({'error': True}), 400
elif not request.json.get('token'):
return '{failure}', 400
return jsonify({'error': True}), 400

# Check for correct data types
if not isinstance(request.json.get('token'), str):
return '{failure}', 400
return jsonify({'error': True}), 400

# Check for valid token length
if len(request.json.get('token')) != 48:
return '{failure}', 400
return jsonify({'error': True}), 400

# Authenticate the request
if not authenticate(request, 'user'):
return '{failure}', 401
return jsonify({'error': True}), 401

# Extract information from the request
token_to_authenticate = request.json.get('token')

# Check for valid token length
if len(token_to_authenticate) != 48:
return '{failure}', 400
return jsonify({'error': True}), 400

# Check if the token is valid
valid = "true" if authenticate(token_to_authenticate) else "false"
Expand All @@ -191,14 +191,10 @@ def api_token_authenticate():
elif token.type == 2:
type = 'user'
else:
return '{failure}', 400
return jsonify({'error': True}), 400

# Response
data = {
"type": type,
"valid": valid
}
return json.dumps(data)
return jsonify({"type": type, "valid": valid}), 200


if __name__ == '__main__':
Expand Down
3 changes: 2 additions & 1 deletion auth/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
gunicorn
flask
Flask-SQLAlchemy
PyMySQL
PyMySQL
jsonify

0 comments on commit d2855cb

Please sign in to comment.