flask initial jwt auth and hash db pwd #40 #41 #42
lizzyaustad committed Oct 24, 2019
1 parent 04d9f02 commit e6abe75
Showing 4 changed files with 58 additions and 6 deletions.
5 changes: 3 additions & 2 deletions app/__init__.py
@@ -1,6 +1,7 @@
from flask import Flask, request, current_app
from flask_cors import CORS
from flask_sqlalchemy import SQLAlchemy
from passlib.hash import pbkdf2_sha256 as sha256
import os
from config import Config

@@ -71,7 +72,7 @@ def build_sample_db(app):
first_name='Admin',
last_name='User',
email='admin',
password='admin',
password=sha256.hash('admin'),
phone='254798745678',
role_id=super_user_role.id,
co_op_id=co_op_1.id
@@ -80,7 +81,7 @@ def build_sample_db(app):
first_name='Test',
last_name='User',
email='[email protected]',
password='12345',
password=sha256.hash('12345'),
phone='254987654321',
role_id=user_role.id,
co_op_id=co_op_1.id
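Review bot: The seeded super-user in build_sample_db keeps the credentials `admin` / `admin` (and the test user keeps `12345`); hashing them with PBKDF2 protects the stored value but not the account, and with the `/login` route added in this commit those well-known passwords yield a valid access token wherever this seed data is loaded. Whether build_sample_db runs outside local development is not visible in these hunks, so the seed should either be gated to development or take its password from the environment, e.g. `password=sha256.hash(os.environ['SAMPLE_ADMIN_PASSWORD'])` (the variable name is a placeholder). Separately, the alias `sha256` for `pbkdf2_sha256` reads like a bare SHA-256 digest; importing it under its own name would keep the salted, iterated scheme visible at each call site. build_sample_db starts and ends outside the hunks shown.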
1 change: 1 addition & 0 deletions config.py
@@ -2,6 +2,7 @@ class Config(object):
FLASK_ADMIN_SWATCH = 'flatly'

SECRET_KEY = '123456790'
JWT_SECRET_KEY = 'abcdefg'

# database config
DATABASE_FILE = 'sample_db.sqlite'
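Review bot: `JWT_SECRET_KEY = 'abcdefg'` is the key every access token is signed with, and as a short literal committed to the repository it gives those tokens no integrity protection: anyone who can read config.py can produce a token that `@jwt_required` accepts. Load it from the environment instead, `JWT_SECRET_KEY = os.environ['JWT_SECRET_KEY']`, with a value generated once per deployment (for example with `secrets.token_hex(32)`), and let startup fail if it is missing rather than falling back to a default. The `SECRET_KEY = '123456790'` context line above it has the same problem. The Config class begins outside this hunk, so whether `os` is already imported in config.py cannot be seen here.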
56 changes: 52 additions & 4 deletions pangeanetwork.py
@@ -2,15 +2,19 @@
import os
import os.path as op
from datetime import datetime
from flask import Flask
from flask import request
from flask import Flask, request, Response
from flask_sqlalchemy import SQLAlchemy
from flask import Response
from app.models import User, CoOp, Role, Loan, Transaction
from flask_jwt_extended import (
JWTManager, jwt_required, create_access_token,
get_jwt_identity
)
from passlib.hash import pbkdf2_sha256 as sha256
from app.models import User, CoOp, Role, Loan, Transaction
import africastalking
import json

app = create_app()
jwt = JWTManager(app)

username = "sandbox"
api_key = os.environ.get('AT_API_KEY')
@@ -196,6 +200,7 @@ def index():


@app.route('/transactions', methods=['GET'])
@jwt_required
def transactions():
data = []
transactions = Transaction.query.order_by(Transaction.timestamp.desc()).all()
@@ -217,6 +222,7 @@ def transactions():


@app.route('/members', methods=['GET', 'POST'])
@jwt_required
def members():
if request.method == 'GET':
data = []
@@ -245,6 +251,7 @@ def members():


@app.route('/coops', methods=['GET'])
@jwt_required
def coops():
data = []
coops = CoOp.query.all()
@@ -266,6 +273,7 @@ def coops():


@app.route('/loans', methods=['GET'])
@jwt_required
def loans():
loans = Loan.query.all()
data = []
@@ -284,5 +292,45 @@ def loans():
results = {'data': data}
return Response(json.dumps(results), mimetype='application/json')


@app.route('/register', methods=['POST'])
def register():
email = request.form['email']
test = User.query.filter_by(email=email).first()
if test:
return Response(json.dumps({'message': 'That email already exists.'}), mimetype='application/json'), 409
else:
first_name = request.form['first_name']
last_name = request.form['last_name']
last_name = request.form['last_name']
password = request.form['password']
role_id = request.form['role_id']
co_op_id = request.form['co_op_id']
phone = request.form['phone']
user = User(first_name=first_name, last_name=last_name, email=email, password=sha256.hash(password), role_id=role_id, co_op_id=co_op_id, phone=phone)
db.session.add(user)
db.session.commit()
return Response(json.dumps({ 'message': 'Admin created successfully.' }), mimetype='application/json'), 201


@app.route('/login', methods=['POST'])
def login():
if request.is_json:
email = request.json['email']
password = request.json['password']
else:
email = request.form['email']
password = request.form['password']
test = User.query.filter_by(email=email).first()
if test:
if sha256.verify(password, test.password):
access_token = create_access_token(identity=email)
return Response(json.dumps({ 'message': 'Login succeeded', 'access_token': access_token }), mimetype='application/json')
else:
return Response(json.dumps({ 'message': 'Invalid email/password.' }), mimetype='application/json'), 401
else:
return Response(json.dumps({ 'message': 'That email does not exist.' }), mimetype='application/json'), 401


if __name__ == '__main__':
app.run()
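Review bot: `/register` is added without `@jwt_required` and copies `role_id` and `co_op_id` straight from `request.form` into the new `User`, so an unauthenticated caller chooses their own role and co-op, and the success message even reads 'Admin created successfully.'. Put `@jwt_required` under the `@app.route('/register', methods=['POST'])` line and check the caller's role before creating accounts, or drop `role_id = request.form['role_id']` and assign a least-privileged role on the server. In `login`, the two 401 bodies differ (`'That email does not exist.'` and `'Invalid email/password.'`), which tells a client which emails are registered; return `'Invalid email/password.'` from both branches. Minor: `last_name = request.form['last_name']` is assigned twice, and `request.json['email']` raises KeyError (a 500) when the JSON body lacks that key, where `request.json.get('email')` followed by an explicit 400 would be cleaner.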
2 changes: 2 additions & 0 deletions requirements.txt
@@ -3,3 +3,5 @@ Flask-Admin
Flask-SQLAlchemy
Flask-CORS
africastalking
flask-jwt-extended
passlib
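Review bot: `flask-jwt-extended` and `passlib` are added without version constraints, yet the code in this commit depends on a specific major version: the bare `@jwt_required` decorator used in pangeanetwork.py is the flask-jwt-extended 3.x form, while 4.x requires it to be called as `@jwt_required()`. An unpinned install that resolves to 4.x would be expected to break every protected route. Constrain it, e.g. `flask-jwt-extended<4`, or pin exact versions for both new packages so the authentication and password-hashing libraries only change through a reviewed update.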
