TG-35 : API de login

2017-01-23 15:50:05 +01:00 · 2017-01-23 15:50:05 +01:00 · e523da2f1d
parent 4d31f5fbe7
commit e523da2f1d
4 changed files with 55 additions and 3 deletions
--- a/backend/app/api/loginAPI.py
+++ b/backend/app/api/loginAPI.py
@ -0,0 +1,33 @@
+from flask import session
+from flask.ext.restful.reqparse import RequestParser
+from flask_restful import Resource
+
+from app.model import *
+
+
+class LoginAPI(Resource):
+    """
+        Login Api Resource
+    """
+
+    def post(self):
+        parser = RequestParser()
+        parser.add_argument('login', required=True, help="Login cannot be blank!")
+        parser.add_argument('password', required=True, help="Password cannot be blank!")
+        args = parser.parse_args()
+
+        userInfo = self.getUserInfoFromCAS(args['login'], args['password'])
+
+        if userInfo is not None:
+            query = USER.select(USER.c.login == userInfo["login"])
+            # TODO : check si le user fait partie d'un group actif
+            if query.count() == 1:
+                session['user'] = query.select().execute().first()
+                return {'AUTH_RESULT': 'OK'}, 200
+            else:
+                return {'AUTH_RESULT': 'NOT_ALLOWED'}, 403
+        else:
+            return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
+
+    def getUserInfoFromCAS(self, login, password):
+        pass
--- a/backend/app/urls.py
+++ b/backend/app/urls.py
@ -1,5 +1,7 @@
-from app.core import api
 from app.api.exampleapi import SomeApi
+from app.api.loginAPI import LoginAPI
+from app.core import api

 # Some Api resource
 api.add_resource(SomeApi, '/api/someapi', '/api/someapi/<int:id>')
+api.add_resource(LoginAPI, '/api/login', '/api/login')
--- a/backend/app/utils.py
+++ b/backend/app/utils.py
@ -0,0 +1,15 @@
+import random
+import string
+from hashlib import sha512
+
+SIMPLE_CHARS = string.ascii_letters + string.digits
+
+
+def get_random_string(length=24):
+    return ''.join(random.choice(SIMPLE_CHARS) for i in range(length))
+
+
+def get_random_hash(length=24):
+    hash = sha512()
+    hash.update(get_random_string())
+    return hash.hexdigest()[:length]
--- a/backend/manage.py
+++ b/backend/manage.py
@ -4,10 +4,11 @@ import os
 import unittest
 import warnings

-from app.config import Config
 from flask_script import Manager, Command
 from flask_script import prompt_bool

+from app.config import Config
+
 warnings.simplefilter('ignore')

 parser = argparse.ArgumentParser()
@ -61,10 +62,11 @@ class CheckDB(Command):
        print("List of parsed tables:")
        print(core.meta.tables.keys())
        query = model.SETTINGS.select()
+        # query = model.SETTINGS.select(model.SETTINGS.c.key == 'content_basedir')
        result = query.execute()
        print("\nSETTINGS content :")
        for res in result:
-            print(res.key + " = " + res.value)
+            print(res.key + " = " + res.value + " -> " + res.description)


 manager.add_command('checkdb', CheckDB())