TG-35 : API de login

2017-01-23 15:50:05 +01:00
parent 4d31f5fbe7
commit e523da2f1d
4 changed files with 55 additions and 3 deletions
--- a/backend/app/api/loginAPI.py
+++ b/backend/app/api/loginAPI.py
@ -0,0 +1,33 @@
+from flask import session
+from flask.ext.restful.reqparse import RequestParser
+from flask_restful import Resource
+
+from app.model import *
+
+
+class LoginAPI(Resource):
+    """
+        Login Api Resource
+    """
+
+    def post(self):
+        parser = RequestParser()
+        parser.add_argument('login', required=True, help="Login cannot be blank!")
+        parser.add_argument('password', required=True, help="Password cannot be blank!")
+        args = parser.parse_args()
+
+        userInfo = self.getUserInfoFromCAS(args['login'], args['password'])
+
+        if userInfo is not None:
+            query = USER.select(USER.c.login == userInfo["login"])
+            # TODO : check si le user fait partie d'un group actif
+            if query.count() == 1:
+                session['user'] = query.select().execute().first()
+                return {'AUTH_RESULT': 'OK'}, 200
+            else:
+                return {'AUTH_RESULT': 'NOT_ALLOWED'}, 403
+        else:
+            return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
+
+    def getUserInfoFromCAS(self, login, password):
+        pass