Merge branch 'develop' into routes and update Pipfile.lock

petak5 · petak5 · commit 168e40f1f1fe · 2020-06-14T23:10:20.000+02:00
# Conflicts:
#	Pipfile.lock
#	src/api/controllers/userController.py
#	src/api/views/userView.py
diff --git a/Pipfile b/Pipfile
@@ -17,8 +17,8 @@ flask-swagger = "*"
 flask-swagger-ui = "*"
 pytest = "*"
 flask-cors = "*"
-flask-login = "*"
 blinker = "*"
+flask-jwt-extended = "*"
 
 [requires]
 python_version = "3.7"
diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/README.md b/README.md
@@ -35,6 +35,7 @@ Run the server:
     - Under your GitHub account Settings go to Developer settings and OAuth Apps
     - Create a new one and set the homepage url to `https://localhost:5001/` and Authorization callback to `https://localhost:5001/login/github/authorized`
     - Copy the Client Id and Client Secret from that site and save them in `.env` as `GITHUB_ID` and `GITHUB_SECRET` respectively
+4. Furthermore a `JWT_SECRET_KEY` is required for signing the JWT-tokens
 
 Your `.env` file should now look something like [example.env](https://github.com/ProgrammingBuddies/programmingbuddies-api/blob/develop/example.env)
 
diff --git a/example.env b/example.env
@@ -2,4 +2,5 @@ CONNECT=mysql+mysqlconnector://user:password@localhost:3306/meintest
 FLASK_ENV=development
 APP_SECRET=guest
 GITHUB_ID=c1fed8b3f0e10e0beef
-GITHUB_SECRET=de79b512d6fbeefa9cdc113beef219ccc7cd98f1
+GITHUB_SECRET=de79b512d6fbeefa9cdc113beef219ccc7cd98f1
+JWT_SECRET_KEY=guest
diff --git a/src/api/controllers/userController.py b/src/api/controllers/userController.py
@@ -1,13 +1,9 @@
 from api.models import db, User, UserHasProject, UserLink, UserFeedback
-from flask_login import LoginManager
 from api import app
 
 class UserController:
     session = db.session()
 
-    login_manager = LoginManager()
-    login_manager.init_app(app)
-
     # User
     def create_user(self, **kwargs):
         try:
@@ -50,7 +46,6 @@ def update_user(self, id, **kwargs):
 
         return user
 
-    @login_manager.user_loader
     def get_user(self, **kwargs):
         user = User.query.filter_by(**kwargs).first()
 
diff --git a/src/api/models/userModel.py b/src/api/models/userModel.py
@@ -4,9 +4,7 @@
 from api.models.userLinkModel import UserLink
 from api.models.projectFeedbackModel import ProjectFeedback
 
-from flask_login import UserMixin
-
-class User(UserMixin, db.Model):
+class User(db.Model):
     id = db.Column(db.Integer, primary_key=True)
     github_id = db.Column(db.Integer)
     name = db.Column(db.String(80), nullable=False)
diff --git a/src/api/views/oauthView.py b/src/api/views/oauthView.py
@@ -1,22 +1,90 @@
-# from api import app 
-# from os import environ
-# from flask import Flask, request, redirect, session, url_for
-# from flask_dance.contrib.github import make_github_blueprint, github
-
-# print("hello")
-# app.secret_key = environ.get("APP_SECRET")
-# github_blueprint = make_github_blueprint(
-#     client_id = environ.get("GITHUB_ID"),
-#     client_secret = environ.get("GITHUB_SECRET")
-# )
-
-# app.register_blueprint(github_blueprint, url_prefix="/login")
-
-# @app.route("/login/")
-# def index():
-#     if not github.authorized:
-#         return redirect(url_for("github.login"))
-#     resp = github.get("/user")
-#     uid = resp.json()["id"]
-#     print(uid)
-#     return "You are @{login} on GitHub".format(login=resp.json()["login"])
+from flask_jwt_extended import JWTManager, jwt_required, get_jwt_identity, get_jwt_claims, create_access_token
+from api.models import User
+from flask import request, jsonify, session, Flask, redirect, session, url_for
+from api import app
+from os import environ
+from api.controllers import userController
+from flask_dance.contrib.github import make_github_blueprint, github
+from flask_dance.consumer import oauth_authorized
+
+app.secret_key = environ.get("APP_SECRET")
+github_blueprint = make_github_blueprint(
+    client_id = environ.get("GITHUB_ID"),
+    client_secret = environ.get("GITHUB_SECRET")
+)
+
+app.register_blueprint(github_blueprint, url_prefix="/login")
+
+app.config['JWT_SECRET_KEY'] = environ.get("JWT_SECRET_KEY")
+jwt = JWTManager(app)
+
+@jwt.user_identity_loader
+def user_identity_lookup(user):
+    return user.id
+
+@app.route("/login", methods=["GET"])
+def login_route():
+    account = request.args.get('account')
+    session['action'] = "login"
+    session['redirect'] = request.args.get('redirect')
+    session['state'] = request.args.get('state','{}')
+
+    if account == 'github':
+        return redirect(url_for("github.login"))
+    else:
+        return "", 400
+
+@app.route("/register", methods=["GET"])
+def register_route():
+    account = request.args.get('account')
+    session['action'] = "register"
+    # TODO remove or not?
+    session['username'] = request.args.get('username')
+    session['redirect'] = request.args.get('redirect')
+    session['state'] = request.args.get('state','{}')
+
+    if account == 'github':
+        return redirect(url_for("github.login"))
+    else:
+        return "", 400
+
+@oauth_authorized.connect
+def oathed(blueprint, token):
+    if session['action'] == 'login':
+        return login_callback(blueprint)
+    elif session['action'] == 'register':
+        return register_callback(blueprint)
+    else:
+        return "", 501
+
+
+def login_callback(blueprint):
+    if blueprint.name == "github":
+        resp = github.get("/user").json()
+        id = resp["id"]
+        user = userController.get_user(github_id=id)
+        redirect_token = f"?state={session.pop('state', '{}')}"
+        if user:
+            access_token = create_access_token(identity=user)
+            redirect_token += f"&token={access_token}"
+
+        return redirect(session.pop("redirect") + redirect_token)
+
+def register_callback(blueprint):
+    if blueprint.name == "github":
+        resp = github.get("/user").json()
+        id = resp["id"]
+        user = userController.get_user(github_id=id)
+        if not user:
+            user = userController.create_user(github_id=id, name=session.pop('username', "Anton"))
+            access_token = create_access_token(identity=user)
+        redirect_token = f"?state={session.pop('state')}&token={access_token}"
+        return redirect(session.pop('redirect') + redirect_token)
+
+# Actually deprecated
+# should be /user in userview but I'll leave it until Routes branch adds and merges it
+@app.route("/getcurrentuser", methods=["GET"])
+@jwt_required
+def getCurrentUser():
+    current_user = userController.get_user(id=get_jwt_identity())
+    return jsonify(current_user.as_dict()), 200
diff --git a/src/api/views/userView.py b/src/api/views/userView.py
@@ -1,20 +1,7 @@
 from flask import request, jsonify, session, Flask, redirect, session, url_for
-from flask_login import login_user, login_required, logout_user, current_user
 from api import app
-from datetime import timedelta
 from api.controllers import userController
 from os import environ
-from flask_dance.contrib.github import make_github_blueprint, github
-from flask_dance.consumer import oauth_authorized
-
-print("hello")
-app.secret_key = environ.get("APP_SECRET")
-github_blueprint = make_github_blueprint(
-    client_id = environ.get("GITHUB_ID"),
-    client_secret = environ.get("GITHUB_SECRET")
-)
-
-app.register_blueprint(github_blueprint, url_prefix="/login")
 
 # User
 @app.route("/users", methods=['POST'])
@@ -131,7 +118,6 @@ def update_user(id):
         return jsonify(user.as_dict()), 200
 
 @app.route("/users/<id>", methods=['POST'])
-@login_required
 def update_user(id):
     if 'id' in request.get_json():
         return "", 501
@@ -185,7 +171,6 @@ def get_all_users():
     return jsonify(users), 200
 
 @app.route("/users/<id>", methods=['DELETE'])
-@login_required
 def delete_user(id):
     """
     Delete user
@@ -468,65 +453,3 @@ def delete_user_feedback(user_id, feedback_id):
         return "", 404
     else:
         return "", 200
-
-@app.before_request
-def before_sign_in():
-    session.permanent = True
-    app.permanent_session_lifetime = timedelta(seconds=20)
-
-@app.route("/login", methods=["GET"])
-def login_route():
-    account = request.args.get('account')
-    session['action'] = "login"
-    session['redirect'] = request.args.get('redirect')
-
-    if account == 'github':
-        return redirect(url_for("github.login"))
-    else:
-        return "", 400
-
-@app.route("/register", methods=["GET"])
-def register_route():
-    account = request.args.get('account')
-    session['action'] = "register"
-    session['username'] = request.args.get('username')
-    session['redirect'] = request.args.get('redirect')
-
-    if account == 'github':
-        return redirect(url_for("github.login"))
-    else:
-        return "", 400
-
-@oauth_authorized.connect
-def oathed(blueprint, token):
-    if session['action'] == 'login':
-        return login(blueprint)
-    elif session['action'] == 'register':
-        return register(blueprint)
-    else:
-        return "", 501
-
-@app.route("/users/sign-out")
-@login_required
-def sign_out():
-    logout_user()
-    return "", 200
-
-def login(blueprint):
-    if blueprint.name == "github":
-        resp = github.get("/user").json()
-        id = resp["id"]
-        user = userController.get_user(github_id=id)
-        if user:
-            login_user(user)
-        return redirect(session['redirect'])
-
-def register(blueprint):
-    if blueprint.name == "github":
-        resp = github.get("/user").json()
-        id = resp["id"]
-        user = userController.get_user(github_id=id)
-        if not user:
-            user = userController.create_user(github_id=id, name=session["username"])
-            login_user(user)
-        return redirect(session['redirect'])
