#!/usr/bin/env python3
"""A simple Flask app with user authentication features.
"""
from flask import Flask, jsonify, request, abort, redirect
from auth import Auth
app = Flask(__name__)  # the WSGI application every route below is registered on
AUTH = Auth()  # single project-local Auth instance shared by all request handlers
@app.route("/", methods=["GET"], strict_slashes=False)
def index() -> str:
    """GET /

    Return:
        - A JSON welcome payload; no authentication is required.
    """
    payload = {"message": "Bienvenue"}
    return jsonify(payload)
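@app.route("/users", methods=["POST"], strict_slashes=False)
def users() -> str:
    """POST /users

    Registers a new account from the form fields ``email`` and ``password``.

    Return:
        - 200 with ``{"email": ..., "message": "user created"}`` on success.
        - 400 with ``{"message": "email and password required"}`` when either
          form field is missing or empty.
        - 400 with ``{"message": "email already registered"}`` when
          ``Auth.register_user`` raises ``ValueError``.
    """
    email = request.form.get("email")
    password = request.form.get("password")
    # Reject incomplete submissions before they reach Auth. Otherwise a
    # missing field is passed through as None, and the only error this
    # handler understands (ValueError) would be misreported as a duplicate
    # email; any other failure would surface as a 500.
    if not email or not password:
        return jsonify({"message": "email and password required"}), 400
    try:
        AUTH.register_user(email, password)
    except ValueError:
        # Auth signals an already-registered email with ValueError.
        return jsonify({"message": "email already registered"}), 400
    return jsonify({"email": email, "message": "user created"})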
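@app.route("/sessions", methods=["POST"], strict_slashes=False)
def login() -> str:
    """POST /sessions

    Authenticates the form fields ``email`` and ``password`` and opens a
    session for the user.

    Return:
        - 200 with ``{"email": ..., "message": "logged in"}`` plus a
          ``session_id`` cookie on success.
        - 401 when ``Auth.valid_login`` rejects the credentials.
    """
    email = request.form.get("email")
    password = request.form.get("password")
    if not AUTH.valid_login(email, password):
        abort(401)
    session_id = AUTH.create_session(email)
    response = jsonify({"email": email, "message": "logged in"})
    # The session id is a bearer credential: keep it out of reach of page
    # scripts (HttpOnly) and off cross-site requests (SameSite). Add
    # ``secure=True`` once the app is served over HTTPS; it is left off here
    # because the dev server at the bottom of this file speaks plain HTTP and
    # the browser would otherwise never send the cookie back.
    response.set_cookie(
        "session_id",
        session_id,
        httponly=True,
        samesite="Lax",
    )
    return response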
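@app.route("/sessions", methods=["DELETE"], strict_slashes=False)
def logout() -> str:
    """DELETE /sessions

    Ends the session identified by the ``session_id`` cookie.

    Return:
        - A redirect to ``/`` with the ``session_id`` cookie expired.
        - 403 when the cookie is absent or does not map to a user.
    """
    session_id = request.cookies.get("session_id")
    user = AUTH.get_user_from_session_id(session_id)
    if user is None:
        abort(403)
    AUTH.destroy_session(user.id)
    response = redirect("/")
    # The server-side session is gone; expire the client's copy as well so the
    # browser stops presenting a dead credential on every request.
    response.delete_cookie("session_id")
    return response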
@app.route("/profile", methods=["GET"], strict_slashes=False)
def profile() -> str:
    """GET /profile

    Return:
        - ``{"email": ...}`` for the user owning the ``session_id`` cookie.
        - 403 when the cookie is absent or does not map to a user.
    """
    cookie = request.cookies.get("session_id")
    current_user = AUTH.get_user_from_session_id(cookie)
    if current_user is not None:
        return jsonify({"email": current_user.email})
    abort(403)
@app.route("/reset_password", methods=["POST"], strict_slashes=False)
def get_reset_password_token() -> str:
    """POST /reset_password

    Issues a password-reset token for the account named by the ``email``
    form field.

    Return:
        - ``{"email": ..., "reset_token": ...}`` on success.
        - 403 when ``Auth.get_reset_password_token`` raises ``ValueError``
          or returns ``None``.

    NOTE(review): the reset token is handed straight back to the
    unauthenticated caller, so anyone who knows an account's email can
    obtain a token for it and then set a new password through
    ``PUT /reset_password``. Outside this exercise the token must be
    delivered out of band (e.g. to the account's mailbox) and the response
    kept generic; the 403 on unknown emails also lets callers enumerate
    registered addresses.
    """
    email = request.form.get("email")
    try:
        reset_token = AUTH.get_reset_password_token(email)
    except ValueError:
        # Auth reports an unknown email with ValueError.
        reset_token = None
    if reset_token is None:
        abort(403)
    return jsonify({"email": email, "reset_token": reset_token})
@app.route("/reset_password", methods=["PUT"], strict_slashes=False)
def update_password() -> str:
    """PUT /reset_password

    Sets a new password using the form fields ``reset_token`` and
    ``new_password``.

    Return:
        - ``{"email": ..., "message": "Password updated"}`` on success.
        - 403 when ``Auth.update_password`` raises ``ValueError``.

    NOTE(review): ``email`` is read from the form and echoed back only; it
    is never checked against the owner of ``reset_token`` (Auth receives the
    token and the password alone), so the echoed address is whatever the
    caller supplied.
    """
    email = request.form.get("email")
    reset_token = request.form.get("reset_token")
    new_password = request.form.get("new_password")
    try:
        AUTH.update_password(reset_token, new_password)
    except ValueError:
        # Auth rejects an unknown or invalid token with ValueError.
        abort(403)
    return jsonify({"email": email, "message": "Password updated"})
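if __name__ == "__main__":
    # Development entry point only: Flask's built-in server is not hardened
    # for production; deploy behind a proper WSGI server instead.
    # host="0.0.0.0" listens on every interface, which is needed inside a
    # container but exposes this dev server to the whole network. Debug mode
    # is deliberately left off so the Werkzeug debugger console is never
    # reachable. The port is passed as an int, the documented parameter type,
    # rather than the string "5000" the original relied on Flask to coerce.
    app.run(host="0.0.0.0", port=5000)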