parent
c0be47764e
commit
c89a4bc537
@ -1,17 +1,134 @@
|
||||
from functools import wraps
|
||||
from aiohttp.web import json_response
|
||||
from autogestionale.database import User, ProductCategory, Event
|
||||
|
||||
async def playlist_add(request):
|
||||
uuid = request.match_info['uuid']
|
||||
|
||||
try:
|
||||
request.app['playlist'].put(uuid)
|
||||
def needs(*needed):
|
||||
def decorator(func):
|
||||
@wraps(func)
|
||||
async def wrapper(request):
|
||||
request_json = await request.json()
|
||||
if not all(k in request_json.keys() for k in needed):
|
||||
return json_response({
|
||||
'err': 'malformed_request',
|
||||
'msg': 'Missing one or more keys: {}.'.format(
|
||||
", ".join(needed))
|
||||
}, status=400)
|
||||
else:
|
||||
return func(request)
|
||||
|
||||
except DuplicateTrackError:
|
||||
return json_response({
|
||||
'err': 'duplicate',
|
||||
'msg': 'The track is already present in the playlist.'
|
||||
}, status=400)
|
||||
return wrapper
|
||||
return decorator
|
||||
|
||||
else:
|
||||
return json_response({}, status=200)
|
||||
|
||||
def auth_required(func):
|
||||
@wraps(func)
|
||||
async def wrapper(request):
|
||||
db = request.app['db']
|
||||
headers = request.headers
|
||||
|
||||
if 'Authorization' not in headers.keys():
|
||||
return json_response({'err': 'malformed_request',
|
||||
'msg': 'Missing Authorization header.'},
|
||||
status=400)
|
||||
else:
|
||||
remote_token = headers['Authorization']
|
||||
|
||||
with db.get_session() as session:
|
||||
token = session.query(AccessToken) \
|
||||
.filter_by(token=remote_token) \
|
||||
.one_or_none()
|
||||
|
||||
if not token:
|
||||
return json_response({'err': 'unauthorized',
|
||||
'msg': 'The token is not valid.'},
|
||||
status=401)
|
||||
elif not token.is_valid():
|
||||
return json_response({'err': 'forbidden',
|
||||
'msg': 'The token has expired.'},
|
||||
status=403)
|
||||
else:
|
||||
return await func(request)
|
||||
|
||||
return wrapper
|
||||
|
||||
|
||||
@needs('username', 'password')
|
||||
async def token_create(request):
|
||||
db = request.app['db']
|
||||
request_json = await request.json()
|
||||
|
||||
username = request_json['username']
|
||||
password = request_json['password']
|
||||
|
||||
with db.get_session() as session:
|
||||
user = session.query(User) \
|
||||
.filter_by(username=username) \
|
||||
.one_or_none()
|
||||
|
||||
if not user or user.password != password:
|
||||
return json_response({'err': 'invalid_credentials'},
|
||||
status=400)
|
||||
|
||||
with db.get_session() as session:
|
||||
token = AccessToken(user=user)
|
||||
session.add(token)
|
||||
|
||||
return json_response({
|
||||
'token': token.token,
|
||||
'created_at': token.created_at.isoformat(),
|
||||
'expires_at': token.created_at.isoformat()
|
||||
})
|
||||
|
||||
|
||||
@auth_required
|
||||
async def token_destroy(request):
|
||||
db = request.app['db']
|
||||
remote_token = request.headers['Authorization']
|
||||
|
||||
with db.get_session() as session:
|
||||
token = session.query(AccessToken) \
|
||||
.filter_by(token=remote_token) \
|
||||
.one_or_none()
|
||||
token.is_active = False
|
||||
session.add(token)
|
||||
|
||||
return json_response({}, status=200)
|
||||
|
||||
|
||||
@auth_required
|
||||
async def product_list(request):
|
||||
db = request.app['db']
|
||||
|
||||
with db.get_session() as session:
|
||||
categories = session.query(ProductCategory).all()
|
||||
|
||||
return json_response({
|
||||
'categories': [{
|
||||
'uid': c.uid,
|
||||
'name': c.name,
|
||||
'products': [{
|
||||
'uid': p.uid,
|
||||
'name': p.name,
|
||||
'price': p.price
|
||||
} for p in c.products]
|
||||
} for c in categories]
|
||||
})
|
||||
|
||||
|
||||
async def event_list(request):
|
||||
db = request.app['db']
|
||||
|
||||
with db.get_session() as session:
|
||||
events = session.query(Event).all()
|
||||
|
||||
return json_response({
|
||||
'events': [{
|
||||
'uid': evt.uid,
|
||||
'name': evt.name,
|
||||
'entries': [{
|
||||
'uid': entr.uid,
|
||||
'amount': entr.amount
|
||||
} for entr in evt.entries]
|
||||
} for evt in events]
|
||||
})
|
||||
|
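Review bot: In `token_create`, `user.password != password` compares the submitted password directly with the stored value, which suggests passwords are kept in plaintext and makes the check non-constant-time; the `User` model is not visible here, so confirm, but the stored value should be a salted slow hash (for example `hashlib.scrypt`) verified with `hmac.compare_digest`. The same response sets `'expires_at': token.created_at.isoformat()`, so clients are told the creation time instead of the expiry. `AccessToken` is used in `auth_required`, `token_create` and `token_destroy`, but the visible import line only brings in `User, ProductCategory, Event`. In `needs`, the wrapper ends with `return func(request)`, which hands back an un-awaited coroutine; it should read `return await func(request)` as `auth_required` does. `event_list` is also the only new handler without `@auth_required`, which is worth confirming as intentional.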