Add basic "create" API..

.. using server-side API tokens
2021-07-08 20:04:27 +02:00
parent 72c04d8495
commit b27d5b3c5b
12 changed files with 267 additions and 102 deletions
--- a/capsulflask/auth.py
+++ b/capsulflask/auth.py
@ -1,3 +1,4 @@
+from base64 import b64decode
 import functools
 import re

@ -24,6 +25,15 @@ def account_required(view):

    @functools.wraps(view)
    def wrapped_view(**kwargs):
+        api_token = request.headers.get('authorization', None)
+        if api_token is not None:
+            email = get_model().authenticate_token(b64decode(api_token).decode('utf-8'))
+
+            if email is not None:
+                session.clear()
+                session["account"] = email
+                session["csrf-token"] = generate()
+
        if session.get("account") is None or session.get("csrf-token") is None :
            return redirect(url_for("auth.login"))

@ -56,7 +66,7 @@ def login():
        if not email:
            errors.append("email is required")
        elif len(email.strip()) < 6 or email.count('@') != 1 or email.count('.') == 0: 
-	        errors.append("enter a valid email address")
+            errors.append("enter a valid email address")

        if len(errors) == 0:
            result = get_model().login(email)