From 308184f4cf6af7ce5f4f0b72cdb2c32b121ad9a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Torma=20Krist=C3=B3f?= Date: Sat, 5 Dec 2020 18:10:52 +0100 Subject: [PATCH] add jwt --- src/resources.py | 61 +++++++++++++++++++++++++++++++++++++----------- 1 file changed, 48 insertions(+), 13 deletions(-) diff --git a/src/resources.py b/src/resources.py index 06ecc28..203d5d8 100644 --- a/src/resources.py +++ b/src/resources.py @@ -100,6 +100,7 @@ class UsersApi(Resource): """ usermetadataschema = UserMetadataSchema(many=True) + @jwt_required def get(self): users = VideonUser.query.all() return self.usermetadataschema.dump(users), 200 @@ -109,6 +110,7 @@ class UserParameterApi(Resource): userschema = UserSchema(many=False) usermetadataschema = UserMetadataSchema(many=False) + @jwt_required def get(self, username: str): """ See: https://swagger.kmlabz.com/?urls.primaryName=videON%20Backend#/backend/getauser @@ -118,6 +120,7 @@ class UserParameterApi(Resource): user = VideonUser.query.filter_by(name=username).first_or_404() return self.usermetadataschema.dump(user), 200 + @jwt_required def delete(self, username: str): """ See: https://swagger.kmlabz.com/?urls.primaryName=videON%20Backend#/backend/deleteuser @@ -135,6 +138,7 @@ class UserParameterApi(Resource): db.session.commit() return self.usermetadataschema.dump(user), 200 + @jwt_required def put(self, username: str): """ See: https://swagger.kmlabz.com/?urls.primaryName=videON%20Backend#/backend/modifyUser @@ -167,6 +171,7 @@ class CreateIngestResource(Resource): ingestinputschema = IngestInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def post(self): body = request.get_json() @@ -180,8 +185,8 @@ class CreateIngestResource(Resource): url="rtmp://zelenka.tormakristof.eu:6969/origin/asdasd", x=ingestobj['x'], y=ingestobj['y']) - # username = get_jwt_identity() - username = "jozska" + username = get_jwt_identity() + # username = "jozska" user = VideonUser.query.filter_by(name=username).first_or_404() ingest.owner_id = user.id ingest.stream_key = str(uuid4()) @@ -214,6 +219,7 @@ class CreateRestreamResource(Resource): restreaminputschema = RestreamInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def post(self): body = request.get_json() @@ -227,8 +233,8 @@ class CreateRestreamResource(Resource): url="rtmp://zelenka.tormakristof.eu:6969/origin/asdasd", x=restreamobj['x'], y=restreamobj['y']) - # username = get_jwt_identity() - username = "jozska" + username = get_jwt_identity() + # username = "jozska" user = VideonUser.query.filter_by(name=username).first_or_404() restream.owner_id = user.id restream.stream_key = str(uuid4()) @@ -260,6 +266,7 @@ class CreateEncodeResource(Resource): encodeinputschema = EncodeInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def post(self): body = request.get_json() @@ -273,8 +280,8 @@ class CreateEncodeResource(Resource): url="rtmp://zelenka.tormakristof.eu:6969/origin/asdasd", x=encoderobj['x'], y=encoderobj['y']) - # username = get_jwt_identity() - username = "jozska" + username = get_jwt_identity() + # username = "jozska" user = VideonUser.query.filter_by(name=username).first_or_404() encoder.owner_id = user.id encoder.stream_key = str(uuid4()) @@ -319,30 +326,42 @@ class GetAllStreamResources(Resource): streamresourceschema = StreamResourceSchema(many=True) + @jwt_required def get(self): - streamreousrces = StreamResource.query.all() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + streamreousrces = StreamResource.query.filter_by(owner_id=user.id).all() return self.streamresourceschema.dump(streamreousrces), 200 class ManipulateStreamResource(Resource): streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def get(self, resourceid: str): """ See: https://swagger.kmlabz.com/?urls.primaryName=videON%20Backend#/backend/getAResource :param resourceid: :return: """ - streamreousrce = StreamResource.query.filter_by(id=UUID(resourceid)).first_or_404() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + streamreousrce = StreamResource.query.filter_by(id=UUID(resourceid), owner_id=user.id).first_or_404() return self.streamresourceschema.dump(streamreousrce), 200 + @jwt_required def delete(self, resourceid: str): """ See: https://swagger.kmlabz.com/?urls.primaryName=videON%20Backend#/backend/deleteResource :param resourceid: :return: """ - streamreousrce = StreamResource.query.filter_by(id=UUID(resourceid)).first_or_404() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + streamreousrce = StreamResource.query.filter_by(id=UUID(resourceid), owner_id=user.id).first_or_404() try: db.session.delete(streamreousrce) @@ -362,6 +381,7 @@ class ModifyIngressResource(Resource): ingestinputschema = IngestInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def put(self, resourceid: str): body = request.get_json() @@ -371,7 +391,10 @@ class ModifyIngressResource(Resource): current_app.logger.warning(e) abort(417, INVALID_JSON_SCHEMA_MSG) - ingest = StreamResource.query.filter_by(id=resourceid).first_or_404() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + ingest = StreamResource.query.filter_by(id=resourceid, owner_id=user.id).first_or_404() ingest.x = ingestobj['x'] ingest.y = ingestobj['y'] @@ -419,6 +442,7 @@ class ModifyRestreamResource(Resource): restreaminputschema = RestreamInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def put(self, resourceid: str): body = request.get_json() @@ -428,7 +452,10 @@ class ModifyRestreamResource(Resource): current_app.logger.warning(e) abort(417, INVALID_JSON_SCHEMA_MSG) - restream = StreamResource.query.filter_by(id=resourceid).first_or_404() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + restream = StreamResource.query.filter_by(id=resourceid, owner_id=user.id).first_or_404() restream.x = restreamobj['x'] restream.y = restreamobj['y'] @@ -475,6 +502,7 @@ class ModifyEncodeResource(Resource): encodeinputschema = EncodeInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def put(self, resourceid: str): body = request.get_json() @@ -484,7 +512,10 @@ class ModifyEncodeResource(Resource): current_app.logger.warning(e) abort(417, INVALID_JSON_SCHEMA_MSG) - encode = StreamResource.query.filter_by(id=resourceid).first_or_404() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + encode = StreamResource.query.filter_by(id=resourceid, owner_id=user.id).first_or_404() encode.x = encodeobj['x'] encode.y = encodeobj['y'] @@ -544,6 +575,7 @@ class CoordModifyResource(Resource): coordinputschema = CoordInputSchema(many=False) streamresourceschema = StreamResourceSchema(many=False) + @jwt_required def put(self, resourceid: str): body = request.get_json() @@ -553,7 +585,10 @@ class CoordModifyResource(Resource): current_app.logger.warning(e) abort(417, INVALID_JSON_SCHEMA_MSG) - resource = StreamResource.query.filter_by(id=resourceid).first_or_404() + username = get_jwt_identity() + # username = "jozska" + user = VideonUser.query.filter_by(name=username).first_or_404() + resource = StreamResource.query.filter_by(id=resourceid, owner_id=user.id).first_or_404() resource.x = coordobj['x'] resource.y = coordobj['y']