api.py
import os
from flask import Flask, session, request
from Auth import Auth
import Helpers
def _read_page(path):
    """Return the full text of the HTML file stored at *path*."""
    with open(path, 'r') as handle:
        return handle.read()


# Database connection settings (host, username, password, database) are
# loaded from a JSON file on disk.
# NOTE(review): the file holds the MySQL password; confirm it is kept out of
# version control and readable only by the account that runs this service.
mysql_config = Helpers.read_json_from_file("config/mysql_config.json")

# Whatever Helpers.service returns for "auth"; it is handed to Auth unchanged.
auth_service = Helpers.service("auth")

# One Auth instance, created at import time and used by the route handlers.
auth = Auth(
    auth_service,
    mysql_config["host"],
    mysql_config["username"],
    mysql_config["password"],
    mysql_config["database"],
)

# The Flask application object the routes are registered on.
app = Flask(__name__)

# Page bodies are read once at import time and returned verbatim on GET.
# Paths are relative to the process working directory.
sign_up_html = _read_page("signUp.html")
sign_in_html = _read_page("signIn.html")
reset_password_html = _read_page("resetPassword.html")
#Define app routes
@app.route("/", methods=["GET", "POST"])
def main_page():
    """Answer requests for the site root with a fixed placeholder string."""
    placeholder = "Go somewhere else"
    return placeholder
#######################
# Authentication #
#######################
#Sign_up
@app.route("/sign_up", methods=["GET", "POST"])
def sign_up():
    """Serve the sign-up page on GET; register an account on POST.

    On POST the five form fields are passed to ``auth.sign_up`` exactly as
    received and its return value becomes the response body. This handler
    does no validation of its own.
    """
    if request.method != "POST":
        return sign_up_html

    # NOTE(review): presumably Auth.sign_up compares password with
    # confirmpassword and enforces any password policy -- confirm there.
    form = request.form
    return auth.sign_up(
        form["firstname"],
        form["lastname"],
        form["email"],
        form["password"],
        form["confirmpassword"],
    )
#Sign_in
@app.route("/sign_in", methods=["GET", "POST"])
def sign_in():
    """Serve the sign-in page on GET; authenticate the user on POST.

    On POST the submitted email and password go straight to ``auth.sign_in``
    and whatever it returns is sent back to the client.
    """
    if request.method != "POST":
        return sign_in_html

    # NOTE(review): no attempt limiting is visible in this handler; verify
    # that Auth.sign_in or a fronting proxy throttles repeated failures.
    credentials = request.form
    return auth.sign_in(credentials["email"], credentials["password"])
#Reset password
@app.route("/password_reset/<string:reset_id>", methods=["GET", "POST"])
def password_reset(reset_id):
    """Serve the reset-password page on GET; apply the new password on POST.

    ``reset_id`` comes from the URL path. It is forwarded together with the
    two password form fields to ``auth.reset_password``, whose return value
    is the response.
    """
    if request.method != "POST":
        return reset_password_html

    # NOTE(review): reset_id is the only thing identifying the request here;
    # confirm Auth.reset_password treats it as single-use and expiring.
    form = request.form
    return auth.reset_password(
        reset_id,
        form["password"],
        form["confirmpassword"],
    )
#Send password reset email
@app.route("/forgot_password", methods=["POST"])
def forgot_password():
    """Ask the Auth service to send a password-reset email.

    The submitted ``email`` form field is passed to
    ``auth.send_password_reset_email`` and its return value is the response.
    """
    # NOTE(review): if the Auth response differs for known and unknown
    # addresses, this endpoint reveals which emails have accounts -- confirm.
    email = request.form["email"]
    return auth.send_password_reset_email(email)
#Verify token
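@app.route("/verify_token", methods=["GET", "POST"])
def verify_token():
    """Validate the bearer token from the Authorization header.

    Returns a JSON-formatted string: ``{ "error": ... }`` when the header is
    absent or ``auth.validate_token`` reports ``"ERROR-INVALID-TOKEN"``, and
    ``{ "uid": ... }`` with the validator's result otherwise.
    """
    # Local import: json is needed only to escape values placed in the body.
    import json

    scheme = "Bearer "
    header = request.headers.get("Authorization")
    if header is None:
        # No credentials supplied: fail closed with the same error body an
        # invalid token produces instead of raising on the missing key.
        return '{ "error": "ERROR-INVALID-TOKEN" }'

    # Strip the scheme only where it is a prefix; str.replace would also
    # delete "Bearer " occurring inside the token itself.
    token = header[len(scheme):] if header.startswith(scheme) else header

    result = auth.validate_token(token)

    # json.dumps quotes and escapes the value, so a quote or backslash in the
    # validator's result cannot break out of the JSON string.
    if result == "ERROR-INVALID-TOKEN":
        return '{ "error": ' + json.dumps(result) + ' }'
    return '{ "uid": ' + json.dumps(result) + ' }'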
#Blacklist token
@app.route("/blacklist/<string:token>", methods=["GET", "POST"])
def blacklist_token(token):
    """Blacklist the token given in the URL path and report success.

    The success body is returned regardless of what
    ``auth.blacklist_token`` returns.
    """
    # NOTE(review): the token travels in the URL path, where access logs and
    # intermediaries can record it, and the route accepts GET with no caller
    # check in this handler. Consider taking the token from a POST body or
    # the Authorization header instead.
    auth.blacklist_token(token)
    status_body = '{"status":"success"}'
    return status_body
#Run the app
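if __name__ == '__main__':
    # The server listens on every interface, and Flask's debug mode enables
    # the Werkzeug interactive debugger, which can execute Python in this
    # process. Debug therefore stays off unless FLASK_DEBUG is set to
    # "1" or "true" in the environment.
    debug_enabled = os.environ.get("FLASK_DEBUG", "").lower() in ("1", "true")
    # The port is passed as an int rather than the string "80".
    app.run(host='0.0.0.0', port=80, debug=debug_enabled)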