import jwt
import datetime
import cherrypy
from models import Website, User
from config import SECRET_KEY
from tools import check_jwt
class BaseResource(object):
@property
def db(self):
return cherrypy.request.db
@cherrypy.expose
class UserResource(BaseResource):
@cherrypy.tools.json_in()
@cherrypy.tools.json_out()
def POST(self):
"""Register new user"""
username = cherrypy.request.json.get('username')
password = cherrypy.request.json.get('password')
if not username or not password:
raise cherrypy.HTTPError(400, 'Username and Password are required')
if self.db.query(User).filter_by(username=username).first():
raise cherrypy.HTTPError(400, 'User already exists')
try:
self.db.add(User(username=username, password=User.generate_hash(password)))
self.db.commit()
pay_load = {
'username': username,
'exp': datetime.datetime.utcnow() + datetime.timedelta(days=1)
}
access_token = jwt.encode(pay_load, SECRET_KEY, algorithm='HS256')
return {
'message': 'User {} was created'.format(username),
'access_token': 'Bearer {}'.format(access_token.decode('utf-8'))
}
except:
raise cherrypy.HTTPError(500, {'message': 'Something went wrong'})
@cherrypy.expose
class LoginResource(BaseResource):
@cherrypy.tools.json_in()
@cherrypy.tools.json_out()
def POST(self):
"""Login user"""
username = cherrypy.request.json.get('username')
password = cherrypy.request.json.get('password')
if not username or not password:
raise cherrypy.HTTPError(400, 'Username and Password are required')
current_user = self.db.query(User).filter_by(username = username).first()
if not current_user:
raise cherrypy.HTTPError(404, 'User not found')
if User.verify_hash(password, current_user.password):
pay_load = {
'username': current_user.username,
'exp': datetime.datetime.utcnow() + datetime.timedelta(days=1)
}
access_token = jwt.encode(pay_load, SECRET_KEY, algorithm='HS256')
return {
'message': 'Logged in as {}'.format(current_user.username),
'access_token': 'Bearer {}'.format(access_token.decode('utf-8'))
}
else:
return {'message': 'Invalid username or password'}
@cherrypy.expose
class WebsiteResource(BaseResource):
@cherrypy.tools.json_out()
def GET(self):
websites = self.db.query(Website).all()
return {"websites": [website.to_dict() for website in websites]}
@cherrypy.tools.json_in()
@cherrypy.tools.json_out()
@cherrypy.tools.check_jwt()
def POST(self):
"""
I Want check JWT Token before enter's here.
Protect this Route
"""
title = cherrypy.request.json.get('title')
url = cherrypy.request.json.get('url')
self.db.add(Website(title = title, url = url))
self.db.commit()
return {'message': 'Website {} created!'.format(title)}
@cherrypy.tools.json_in()
@cherrypy.tools.json_out()
def PUT(self, id):
title = cherrypy.request.json.get('title')
url = cherrypy.request.json.get('url')
# self.db.update(Website).values(title=title, url=url).where(id=id)
self.db.query(Website).filter_by(id=id).update({"title":title, "url": url})
return {'message': 'Website {} updated!'.format(title)}
@cherrypy.tools.json_out()
def DELETE(self, id):
self.db.query(Website).filter_by(id=id).delete()
return {'message': 'Deleted!'}