Base of authentication.

Alexis Lahouze 2015-06-05 18:15:50 +02:00
parent bb01282877
commit 29c030fde1
7 changed files with 64 additions and 6 deletions

0
__init__.py Normal file


@ -1,4 +1,7 @@
import pkgutil
from flask.ext.httpauth import HTTPBasicAuth
auth = HTTPBasicAuth()
__all__ = []
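Review bot: `auth = HTTPBasicAuth()` makes HTTP Basic the scheme for every `@auth.login_required` route, and Basic sends the username and password, merely base64-encoded, with each request. Nothing visible in this commit restricts the API to HTTPS, so the deployment should enforce TLS in front of `/api`; a comment above the line would record that, e.g. `# Basic auth: credentials travel on every request, serve /api over HTTPS only`. Separately, `flask.ext.httpauth` goes through the deprecated `flask.ext` import shim; `from flask_httpauth import HTTPBasicAuth` imports the package directly. The path of this file section is not shown on the page.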


@ -14,6 +14,7 @@
You should have received a copy of the GNU Affero General Public License
along with Accountant. If not, see <http://www.gnu.org/licenses/>.
"""
from . import auth
from .. import api
from ..model import db, session_scope
from ..model.accounts import Account
@ -21,8 +22,10 @@ from ..model.entries import Entry
from ..model.operations import Operation
from flask import json, request
from sqlalchemy import func, case, cast, extract, distinct
from forms.accounts import AccountIdForm, AccountForm
@api.route("/accounts", methods=["GET"])
@auth.login_required
def get_accounts():
"""
Returns accounts with their solds.
@ -47,6 +50,7 @@ def get_accounts():
} for i in query.all()])
@api.route("/accounts/<account_id>/<year>/<month>/")
@auth.login_required
def get_account_status(account_id, year, month):
with session_scope() as session:
query = session.query(
@ -76,6 +80,7 @@ def get_account_status(account_id, year, month):
})
@api.route("/accounts/<account_id>/months")
@auth.login_required
def get_months(account_id):
with session_scope() as session:
query = session.query(
@ -89,6 +94,7 @@ def get_months(account_id):
} for i in query.all()])
@api.route("/accounts", methods=["PUT"])
@auth.login_required
def add_account():
with session_scope() as session:
account = Account(request.json['name'], request.json['authorized_overdraft'])
@ -99,18 +105,25 @@ def add_account():
@api.route("/accounts/<account_id>", methods=["PUT"])
@auth.login_required
def update_account(account_id):
with session_scope() as session:
account = session.query(Account).filter(Account.id == account_id).first()
account_form = AccountForm()
account.name = request.json['name']
account.authorized_overdraft = request.json['authorized_overdraft']
if account_form.validate():
with session_scope() as session:
account = session.query(Account).filter(Account.id == account_id).first()
session.merge(account)
account.name = request.json['name']
account.authorized_overdraft = request.json['authorized_overdraft']
return json.dumps("Account #%s updated." % account_id)
session.merge(account)
return json.dumps("Account #%s updated." % account_id)
else:
return json.dumps({'ok': False, 'error_type': 'validation', 'errors': account_form.errors})
@api.route("/accounts/<account_id>", methods=["DELETE"])
@auth.login_required
def delete_account(account_id):
with session_scope() as session:
account = session.query(Account).filter(Account.id == account_id).first()
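Review bot: In `update_account` the values written to the account still come from `request.json` after `account_form.validate()` succeeds, so the form check does not constrain what is stored; assign from the validated fields instead, `account.name = account_form.name.data` and `account.authorized_overdraft = account_form.authorized_overdraft.data`. `.first()` returns `None` for an unknown `account_id`, and the attribute assignment that follows then raises; a guard such as `if account is None: return json.dumps("Account #%s not found." % account_id), 404` avoids the unhandled error. The validation-failure branch appears to answer with the default 200 status, where a 400 would let clients tell the two outcomes apart, and `AccountIdForm` is imported but unused in the visible lines. Which lines are old and which are new in this hunk is inferred from the rendered page, and `delete_account` continues outside it.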

29
api/controller/users.py Normal file

@ -0,0 +1,29 @@
"""
This file is part of Accountant.
Accountant is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Accountant is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with Accountant. If not, see <http://www.gnu.org/licenses/>.
"""
from . import auth
from .. import api
from ..model import db, session_scope
@auth.verify_password
def verify_password(username, password):
if username == 'titi' and password == 'toto':
return True
# Update principal identity
return False
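Review bot: `verify_password` authenticates against one username/password pair written as literals on the `if` line, so every protected route shares a credential that is readable in the repository and its history, and the `==` comparison is on plaintext. As the commit title suggests this is scaffolding, mark it as such with `# TODO: placeholder credentials, replace with a user lookup before any deployment`. The follow-up should load the user record and compare with `check_password_hash(stored_hash, password)` from `werkzeug.security`, where `stored_hash` stands for the salted hash kept for that user. Once replaced, the literal pair must not be reused as a real credential anywhere. `api`, `db` and `session_scope` are imported but unused in this file as shown.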

4
app.py

@ -16,6 +16,7 @@
"""
from api import api
#from api.controller import login_manager
from api.model import db
from flask import Flask
from flask.ext.sqlalchemy import SQLAlchemy
@ -28,8 +29,11 @@ app = Flask(__name__, static_folder = None)
app.config['SQLALCHEMY_DATABASE_URI'] = config.db_uri
app.config['SQLALCHEMY_RECORD_QUERIES'] = config.debug
app.config['WTF_CSRF_ENABLED'] = False
app.config['SECRET_KEY'] = 'my_secret_key'
db.init_app(app)
#login_manager.init_app(app)
app.register_blueprint(frontend, url_prefix='')
app.register_blueprint(api, url_prefix='/api')
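Review bot: `app.config['SECRET_KEY'] = 'my_secret_key'` commits the signing key as a literal, so anyone who can read the repository can forge whatever Flask signs with it (session cookies, and CSRF tokens if they are re-enabled). Load it from outside the source tree instead, for example `app.config['SECRET_KEY'] = os.environ['ACCOUNTANT_SECRET_KEY']` (the variable name is a placeholder), or through the `config` module that already supplies `config.db_uri`. `WTF_CSRF_ENABLED = False` deserves a comment giving the reason, since browsers resend cached Basic credentials automatically and the state-changing `PUT`/`DELETE` routes are therefore reachable cross-site. The two commented-out `login_manager` lines are dead code and could be dropped. Which of these lines are newly added is inferred from the hunk counts, because the page has lost its `+`/`-` markers.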

0
forms/__init__.py Normal file

9
forms/accounts.py Normal file

@ -0,0 +1,9 @@
from flask_wtf import Form
from wtforms import DecimalField, IntegerField, StringField
class AccountIdForm(Form):
id = IntegerField()
class AccountForm(AccountIdForm):
name = StringField()
authorized_overdraft = DecimalField()
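Review bot: None of the three fields declares validators, so `validate()` only rejects values that fail integer or decimal coercion, and a missing or empty `name` passes. Adding `from wtforms.validators import InputRequired` and declaring `name = StringField(validators=[InputRequired()])` and `authorized_overdraft = DecimalField(validators=[InputRequired()])` makes the form reject absent input; `InputRequired` rather than `DataRequired` keeps an overdraft of 0 valid. A length bound on `name` that matches the database column would also be worth adding, though the column definition is not visible here. `AccountForm` inherits `id` from `AccountIdForm`, and the controller as shown never supplies or checks it, so a short class docstring should say whether `id` is meant to come from the request body or the URL.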