-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathapp.py
196 lines (163 loc) · 6.66 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
# -*- coding: utf-8 -*-
from flask_login import LoginManager, login_user, logout_user
from flask import Flask, request, redirect, render_template, Response, json, abort
from flask_sqlalchemy import SQLAlchemy
from flask_bootstrap import Bootstrap
from functools import wraps
# config import
from config import app_config, app_active
# admin
from admin.Admin import start_views
# controllers
from controller.User import UserController
from controller.Product import ProductController
config = app_config[app_active]
def create_app(config_name):
app = Flask(__name__, template_folder='templates')
login_manager = LoginManager()
login_manager.init_app(app)
app.secret_key = config.SECRET
app.config.from_object(app_config[config_name])
app.config.from_pyfile('config.py')
app.config['SQLALCHEMY_DATABASE_URI'] = config.SQLALCHEMY_DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['FLASK_ADMIN_SWATCH'] = 'paper'
db = SQLAlchemy(config.APP)
start_views(app, db)
Bootstrap(app)
db.init_app(app)
@app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content -Type')
response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
return response
def auth_token_required(f):
@wraps(f)
def verify_token(*args, **kwargs):
user = UserController()
try:
result = user.verify_auth_token(request.headers['access_token'])
if result['status'] == 200:
return f(*args, **kwargs)
else:
abort(result['status'], result['message'])
except KeyError as e:
abort(401,'Você precisa enviar um token de acesso')
return verify_token
@app.route('/')
def index():
return 'Hello World!'
@app.route('/login/')
def login():
return render_template('login.html', data={'status': 200, 'msg': None, 'type': None})
@app.route('/login/', methods=['POST'])
def login_post():
user = UserController()
email = request.form['email']
password = request.form['password']
result = user.login(email, password)
if result:
if result.role == 2:
return render_template('login.html', data={'status': 401, 'msg': 'Seu usuário não tem permissão para acessar o admin', 'type': 2})
else:
login_user(result)
return redirect('/admin')
else:
return render_template('login.html', data={'status': 401, 'msg':'Dados de usuário incorretos', 'type': 1})
@app.route('/recovery-password/')
def recovery_password():
return 'Aqui entrará a tela de recuperar senha'
@app.route('/recovery-password/', methods=['POST'])
def send_recovery_password():
user = UserController()
result = user.recovery(request.form['email'])
if result:
return render_template('recovery.html',
data={'status': 200, 'msg': 'E-mail de recuperação enviado com sucesso'})
else:
return render_template('recovery.html', data={'status': 401, 'msg': 'Erro ao enviar e-mail de recuperação'})
@app.route('/product', methods=['POST'])
def save_products():
product = ProductController()
result = product.save_product(request.form)
if result:
message = "Inserido"
else:
message = "Não inserido"
return message
@app.route('/product', methods=['PUT'])
def update_products():
product = ProductController()
result = product.update_product(request.form)
if result:
message = "Editado"
else:
message = "Não Editado"
return message
@app.route('/products/', methods=['GET'])
@app.route('/products/<limit>', methods=['GET'])
@auth_token_required
def get_products(limit=None):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
product = ProductController()
response = product.get_products(limit=limit)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/product/<product_id>', methods=['GET'])
@auth_token_required
def get_product(product_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
product = ProductController()
response = product.get_product_by_id(product_id=product_id)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/user/<user_id>', methods=['GET'])
@auth_token_required
def get_user_profile(user_id):
header = {
'access_token': request.headers['access_token'],
"token_type": "JWT"
}
user = UserController()
response = user.get_user_by_id(user_id=user_id)
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), response['status'], header
@app.route('/login_api/', methods=['POST'])
def login_api():
header = {}
user = UserController()
email = request.json['email']
password = request.json['password']
result = user.login(email, password)
code = 401
response = {"message": "Usuário não autorizado", "result": []}
if result:
if result.active:
result = {
'id': result.id,
'username': result.username,
'email': result.email,
'date_created': result.date_created,
'active': result.active
}
header = {
"access_token": user.generate_auth_token(result),
"token_type": "JWT"
}
code = 200
response["message"] = "Login realizado com sucesso"
response["result"] = result
return Response(json.dumps(response, ensure_ascii=False), mimetype='application/json'), code, header
@app.route('/logout')
def logout_send():
logout_user()
return render_template('login.html', data={'status': 200, 'msg': 'Usuário deslogado com sucesso!', 'type':3})
@login_manager.user_loader
def load_user(user_id):
user = UserController()
return user.get_admin_login(user_id)
return app