Change authentication algorithm.
This commit is contained in:
parent
24ed36cc1b
commit
3fd746916c
@ -22,10 +22,6 @@ from functools import wraps
|
|||||||
from flask import request, g
|
from flask import request, g
|
||||||
from flask.ext.restful import Resource, fields, reqparse, marshal_with, marshal_with_field
|
from flask.ext.restful import Resource, fields, reqparse, marshal_with, marshal_with_field
|
||||||
|
|
||||||
from sqlalchemy.orm.exc import NoResultFound
|
|
||||||
|
|
||||||
from werkzeug.exceptions import BadRequest
|
|
||||||
|
|
||||||
from accountant import app
|
from accountant import app
|
||||||
|
|
||||||
from .. import api
|
from .. import api
|
||||||
@ -44,27 +40,6 @@ def load_user_from_auth(auth):
|
|||||||
return load_user_from_token(token)
|
return load_user_from_token(token)
|
||||||
|
|
||||||
|
|
||||||
def load_user_from_request():
|
|
||||||
# No token found, trying to authenticate using request data.
|
|
||||||
try:
|
|
||||||
data = parser.parse_args()
|
|
||||||
|
|
||||||
try:
|
|
||||||
user = User.query().filter(
|
|
||||||
User.email == data['email']
|
|
||||||
).one()
|
|
||||||
|
|
||||||
if user and user.verify_password(data['password']):
|
|
||||||
return user
|
|
||||||
|
|
||||||
except NoResultFound:
|
|
||||||
pass
|
|
||||||
except BadRequest:
|
|
||||||
pass
|
|
||||||
|
|
||||||
return None
|
|
||||||
|
|
||||||
|
|
||||||
def authenticate():
|
def authenticate():
|
||||||
return {'error': 'Please login before executing this request.'}, 401
|
return {'error': 'Please login before executing this request.'}, 401
|
||||||
|
|
||||||
@ -72,11 +47,11 @@ def authenticate():
|
|||||||
def requires_auth(f):
|
def requires_auth(f):
|
||||||
@wraps(f)
|
@wraps(f)
|
||||||
def wrapped(*args, **data):
|
def wrapped(*args, **data):
|
||||||
|
user = None
|
||||||
|
|
||||||
if 'Authorization' in request.headers:
|
if 'Authorization' in request.headers:
|
||||||
auth = request.headers['Authorization']
|
auth = request.headers['Authorization']
|
||||||
user = load_user_from_auth(auth)
|
user = load_user_from_auth(auth)
|
||||||
else:
|
|
||||||
user = load_user_from_request()
|
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
g.user = user
|
g.user = user
|
||||||
@ -104,10 +79,19 @@ parser.add_argument('password', type=str, required=True)
|
|||||||
|
|
||||||
|
|
||||||
class LoginResource(Resource):
|
class LoginResource(Resource):
|
||||||
@requires_auth
|
|
||||||
@marshal_with(token_resource_fields)
|
@marshal_with(token_resource_fields)
|
||||||
def post(self):
|
def post(self):
|
||||||
user = g.user
|
"""
|
||||||
|
Login to retrieve authentication token.
|
||||||
|
"""
|
||||||
|
data = parser.parse_args()
|
||||||
|
|
||||||
|
user = User.query().filter(
|
||||||
|
User.email == data['email']
|
||||||
|
).one_or_none()
|
||||||
|
|
||||||
|
if not user or not user.verify_password(data['password']):
|
||||||
|
authenticate()
|
||||||
|
|
||||||
token = user.generate_auth_token()
|
token = user.generate_auth_token()
|
||||||
expiration_time = arrow.now().replace(
|
expiration_time = arrow.now().replace(
|
||||||
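Review bot: The failed-login branch in `LoginResource.post` calls `authenticate()` but discards its return value, so a wrong password or an unknown email does not stop the request: control falls through to `token = user.generate_auth_token()`, which issues a valid token for any account whose email is known when the password check fails, and raises AttributeError (a 500) when `user` is None. The line should read `return authenticate()` so the `({'error': ...}, 401)` tuple becomes the response. Because the method is wrapped in `@marshal_with(token_resource_fields)`, that error dict would then be marshalled through the token fields and its `error` key likely dropped; flask-restful's `abort(401, ...)` would avoid this, though `abort` is not among the visible imports. The `one_or_none()` lookup followed by `verify_password` also skips the password check entirely for unknown emails, which leaks account existence through response timing. The body of `post` continues past the end of this hunk.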
|