TG-124 : Correction du sytème de login + register

backend/app/api/LoginAPI.py

@@ -1,8 +1,11 @@
+from hashlib import sha256
+
 from flask import session
 from flask_restful import Resource
 from flask_restful.reqparse import RequestParser
 
-from app.model import getUser
+from app.core import app
+from app.model import USER
 
 
 class LoginAPI(Resource):
@@ -15,18 +18,31 @@ class LoginAPI(Resource):
         parser.add_argument('email', required=True, help="Email cannot be blank!")
         parser.add_argument('password', required=True, help="Password cannot be blank!")
         args = parser.parse_args()
+        email = args['email']
+        psw = args['password']
+        password = sha256(psw.encode('utf-8')).hexdigest()
 
         if "user" in session and session["user"] is not None:
             return {'AUTH_RESULT': 'ALREADY_LOGGED'}, 201
 
-        user = getUser(email=args['email'])
+        query = USER.select(USER.c.email == email)
+        rows = query.execute()
+        user = rows.first()
 
-        if user is not None and args['password'] == args['email']:
-            session['user'] = user
-            return {'AUTH_RESULT': 'OK'}, 200
+        if app.config['TESTING']:
+            if user is not None and psw == email:
+                session['user'] = user
+                return {'AUTH_RESULT': 'OK'}, 200
+            else:
+                session['user'] = None
+                return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
         else:
-            session['user'] = None
-            return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
+            if user is not None and password == user.psw:
+                session['user'] = user
+                return {'AUTH_RESULT': 'OK'}, 200
+            else:
+                session['user'] = None
+                return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
 
     def delete(self):
         session['user'] = None