108 lines
2.8 KiB
Python
108 lines
2.8 KiB
Python
#!/usr/bin/env python3
|
|
|
|
import uuid
|
|
|
|
from flask_restful import Resource
|
|
from flask import request, current_app, abort
|
|
import musicbrainzngs
|
|
|
|
from fred import flaskred
|
|
from config import ENCODED_SECRET_KEY
|
|
from schemas import UserSchema
|
|
from aes_encrypt import EncryptedUserRedis
|
|
|
|
"""
|
|
Flask Restful endpoints
|
|
"""
|
|
|
|
__author__ = '@tormakris'
|
|
__copyright__ = "Copyright 2020, onSpot Team"
|
|
__module_name__ = "resources"
|
|
__version__text__ = "1"
|
|
|
|
INVALID_JSON_SCHEMA_MSG = "invalid json schema"
|
|
|
|
|
|
class LoginApi(Resource):
|
|
userschema = UserSchema(many=False)
|
|
encryptor = EncryptedUserRedis(ENCODED_SECRET_KEY)
|
|
|
|
def post(self):
|
|
"""
|
|
See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/logon
|
|
"""
|
|
body = request.get_json()
|
|
|
|
try:
|
|
userobj = self.userschema.load(body)
|
|
except Exception as e:
|
|
current_app.logger.warning(e)
|
|
abort(417, INVALID_JSON_SCHEMA_MSG)
|
|
|
|
try:
|
|
musicbrainzngs.auth(userobj['name'], userobj['password'])
|
|
musicbrainzngs.get_collections()
|
|
musicbrainzngs.auth(None, None)
|
|
except Exception as e:
|
|
current_app.logger.warning(e)
|
|
abort(401, "login denied to musicbrainz")
|
|
|
|
self.encryptor.store(body)
|
|
token = str(uuid.uuid4())
|
|
flaskred.set(token, userobj['name'].encode('UTF-8'))
|
|
|
|
return {
|
|
'token': token
|
|
}, 200
|
|
|
|
def delete(self):
|
|
"""
|
|
See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/logoff
|
|
"""
|
|
try:
|
|
flaskred.delete(flaskred.get(request.headers.get('Authorization')).decode('UTF-8'))
|
|
flaskred.delete(request.headers.get('Authorization'))
|
|
except Exception as e:
|
|
current_app.logger.warning(e)
|
|
abort(401, "unauthorized")
|
|
|
|
return "", 204
|
|
|
|
|
|
class MeApi(Resource):
|
|
"""
|
|
See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/currentUser
|
|
"""
|
|
|
|
def get(self):
|
|
try:
|
|
currusername = flaskred.get(request.headers.get('Authorization')).decode('UTF-8')
|
|
except Exception as e:
|
|
current_app.logger.warning(e)
|
|
abort(401, "unauthorized")
|
|
return {"name": currusername}, 200
|
|
|
|
|
|
class ListsApi(Resource):
|
|
"""
|
|
See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/getAllLists
|
|
"""
|
|
def get(self):
|
|
pass
|
|
|
|
|
|
class SingleListApi(Resource):
|
|
"""
|
|
See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/getList
|
|
"""
|
|
def get(self, listid: str):
|
|
pass
|
|
|
|
|
|
class TrackApi(Resource):
|
|
"""
|
|
See: https://swagger.kmlabz.com/?urls.primaryName=onSpot%20Backend#/backend/getTrack
|
|
"""
|
|
def get(self, listid: str, trackid: str):
|
|
pass
|