# Managing Authentication & Authorization<br>Hands-On Example (Python)
### Preliminary Steps

This section contains the preliminary steps to set up the base URL and import necessary libraries.

In [None]:
import datetime
import json
import random

import requests
from IPython.display import Markdown, display

url = "http://localhost:8018/istsos4/v1.1"

### Login as viewer (Authentication)

In [None]:
username = input("Enter your username: ")
password = input("Enter your password: ")

if not username or not password:
    print("Username or password is empty")

else:
    data = {
        "username": username,
        "password": password,
        "grant_type": "password",
    }

    response = requests.post(url + "/Login", data=data)
    if response.status_code == 200:
        token = response.json()["access_token"]
        result = json.dumps(response.json(), indent=2)
        display(Markdown(f"```json\n{result}\n```"))
    else:
        result = json.dumps(response.json(), indent=2)
        display(Markdown(f"```json\n{result}\n```"))

#### Retrieve data (Authorization)

##### Retrieve a Datastream

In [None]:
response = requests.get(
    url + "/Datastreams?$select=id",
    headers={"Authorization": f"Bearer {token}"},
)
result = [item["@iot.id"] for item in response.json()["value"]]
datastream_id = random.choice(result)
print(f"Datastream ID: {datastream_id}")

##### Retrieve Observations for the selected Datastream

In [None]:
response = requests.get(
    url + f"/Datastreams({datastream_id})/Observations?$expand=Commit",
    headers={"Authorization": f"Bearer {token}"},
)
result = json.dumps(response.json(), indent=2)
display(Markdown(f"```json\n{result}\n```"))

#### Create data (Authorization)

##### Create Observation for the selected Datastream

In [None]:
observation = {
    "phenomenonTime": datetime.datetime.now().isoformat(),
    "result": random.random(),
    "Datastream": {"@iot.id": datastream_id},
}

response = requests.post(
    url + "/Observations",
    headers={
        "Content-type": "application/json",
        "Authorization": f"Bearer {token}",
        "Commit-message": f"Add observation to datastream {datastream_id}",
    },
    json=observation,
)
if response.status_code == 201:
    print("Observations created successfully: ", response.headers["location"])
else:
    result = json.dumps(response.json(), indent=2)
    display(Markdown(f"```json\n{result}\n```"))

### Login as editor (Authentication)

In [None]:
username = input("Enter your username: ")
password = input("Enter your password: ")

if not username or not password:
    print("Username or password is empty")

else:
    data = {
        "username": username,
        "password": password,
        "grant_type": "password",
    }

    response = requests.post(url + "/Login", data=data)
    if response.status_code == 200:
        token = response.json()["access_token"]
        result = json.dumps(response.json(), indent=2)
        display(Markdown(f"```json\n{result}\n```"))
    else:
        result = json.dumps(response.json(), indent=2)
        display(Markdown(f"```json\n{result}\n```"))

#### Retrieve data (Authorization)

##### Retrieve a Datastream

In [None]:
response = requests.get(
    url + "/Datastreams?$select=id",
    headers={"Authorization": f"Bearer {token}"},
)
result = [item["@iot.id"] for item in response.json()["value"]]
datastream_id = random.choice(result)
print(f"Datastream ID: {datastream_id}")

##### Retrieve Observations for the selected Datastream

In [None]:
response = requests.get(
    url + f"/Datastreams({datastream_id})/Observations?$expand=Commit",
    headers={"Authorization": f"Bearer {token}"},
)
result = json.dumps(response.json(), indent=2)
display(Markdown(f"```json\n{result}\n```"))

#### Create data (Authorization)

##### Create Observation for the selected Datastream

In [None]:
observation = {
    "phenomenonTime": datetime.datetime.now().isoformat(),
    "result": random.random(),
    "Datastream": {"@iot.id": datastream_id},
}

response = requests.post(
    url + "/Observations",
    headers={
        "Content-type": "application/json",
        "Authorization": f"Bearer {token}",
        "Commit-message": f"Add observation to datastream {datastream_id}",
    },
    json=observation,
)
if response.status_code == 201:
    print("Observations created successfully: ", response.headers["location"])
    response = requests.get(
        url + "/Datastreams(1)/Observations",
        headers={"Authorization": f"Bearer {token}"},
    )
    result = json.dumps(response.json(), indent=2)
    display(Markdown(f"```json\n{result}\n```"))
else:
    result = json.dumps(response.json(), indent=2)