authorization api now final

src/resources.py

@@ -3,11 +3,12 @@
 import uuid
 
 from flask_restful import Resource
-from flask import request, current_app, abort, request
+from flask import request, current_app, abort
+import musicbrainzngs
 
 from fred import flaskred
 from config import ENCODED_SECRET_KEY
-from schemas import UserSchema, ListSchema, TrackSchema
+from schemas import UserSchema
 from aes_encrypt import EncryptedUserRedis
 
 """
@@ -23,14 +24,13 @@ INVALID_JSON_SCHEMA_MSG = "invalid json schema"
 
 
 class LoginApi(Resource):
-    """
-    See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/logon
-    """
-
     userschema = UserSchema(many=False)
     encryptor = EncryptedUserRedis(ENCODED_SECRET_KEY)
 
     def post(self):
+        """
+         See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/logon
+        """
         body = request.get_json()
 
         try:
@@ -39,26 +39,36 @@ class LoginApi(Resource):
             current_app.logger.warning(e)
             abort(417, INVALID_JSON_SCHEMA_MSG)
 
+        try:
+            musicbrainzngs.auth(userobj['name'], userobj['password'])
+            musicbrainzngs.set_useragent("onSpot", 1)
+            musicbrainzngs.set_rate_limit(1.0, 20)
+            musicbrainzngs.https = True
+            print(musicbrainzngs.get_collections())
+        except Exception as e:
+            current_app.logger.warning(e)
+            abort(401, "login denied to musicbrainz")
+
         self.encryptor.store(body)
-
         token = str(uuid.uuid4())
-
         flaskred.set(token, userobj['name'].encode('UTF-8'))
 
         return {
                    'token': token
                }, 200
 
+    def delete(self):
+        """
+         See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/logoff
+        """
+        try:
+            flaskred.delete(flaskred.get(request.headers.get('Authorization')).decode('UTF-8'))
+            flaskred.delete(request.headers.get('Authorization'))
+        except Exception as e:
+            current_app.logger.warning(e)
+            abort(401, "unauthorized")
 
-class LogoffApi(Resource):
-    """
-    See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/logoff
-    """
-
-    def delelete(self):
-        flaskred.delete(flaskred.get(request.headers.get('Authorization')).decode('UTF-8'))
-        flaskred.delete(request.headers.get('Authorization'))
-        return 204
+        return "", 204
 
 
 class MeApi(Resource):
@@ -67,4 +77,33 @@ class MeApi(Resource):
     """
 
     def get(self):
-        return {"name": flaskred.get(request.headers.get('Authorization')).decode('UTF-8')}, 200
+        try:
+            currusername = flaskred.get(request.headers.get('Authorization')).decode('UTF-8')
+        except Exception as e:
+            current_app.logger.warning(e)
+            abort(401, "unauthorized")
+        return {"name": currusername}, 200
+
+
+class ListsApi(Resource):
+    """
+    See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/getAllLists
+    """
+    def get(self):
+        pass
+
+
+class SingleListApi(Resource):
+    """
+    See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/getList
+    """
+    def get(self, listid: str):
+        pass
+
+
+class TrackApi(Resource):
+    """
+    See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/getTrack
+    """
+    def get(self, listid: str, trackid: str):
+        pass