From 8779474b8fb24b8e8b52eab1a56a42a076c42a86 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Fri, 23 Nov 2018 09:13:49 +0300 Subject: [PATCH 01/38] [starts #162163623] Add GET order by id endpoint --- app/api/v2/__init__.py | 6 ++++-- app/api/v2/dbmodel.py | 5 +++-- app/api/v2/models.py | 11 ++++++++++- app/api/v2/views.py | 22 ++++++++++++++++++++++ app/auth/v2/models.py | 2 +- 5 files changed, 40 insertions(+), 6 deletions(-) diff --git a/app/api/v2/__init__.py b/app/api/v2/__init__.py index 358a56f..819564d 100644 --- a/app/api/v2/__init__.py +++ b/app/api/v2/__init__.py @@ -1,7 +1,8 @@ from flask import Blueprint from flask_restful import Api #from ...api.v2.views import ParcelList, ParcelDestination, ParcelStatus, ParcelCurrentLocation, CancelParcel, UserOrders -from app.api.v2.views import ParcelList, ParcelDestination, ParcelStatus, ParcelCurrentLocation, CancelParcel, UserOrders +from app.api.v2.views import ParcelList, ParcelDestination, ParcelStatus, \ +ParcelCurrentLocation, CancelParcel, UserOrders, IndividualParcel version2 = Blueprint('v2', __name__, url_prefix="/api/v2") @@ -12,4 +13,5 @@ api.add_resource(ParcelStatus, '/parcels//status') api.add_resource(ParcelCurrentLocation, '/parcels//presentLocation') api.add_resource(CancelParcel, '/parcels//cancel') -api.add_resource(UserOrders, '/users//parcels') \ No newline at end of file +api.add_resource(UserOrders, '/users//parcels') +api.add_resource(IndividualParcel, '/parcels/') \ No newline at end of file diff --git a/app/api/v2/dbmodel.py b/app/api/v2/dbmodel.py index acda444..0db05aa 100644 --- a/app/api/v2/dbmodel.py +++ b/app/api/v2/dbmodel.py @@ -48,7 +48,7 @@ def persist_to_db(cls, query_string, tuple_data): cls.conn.commit() @classmethod - def add_to_db(cls, query_string, tuple_data): + def insert_fetch_from_db(cls, query_string, tuple_data): """ method that saves queries into the database """ 
@@ -70,7 +70,8 @@ def retrieve_one(cls, query_string): method returns data on a particular row from the database """ cls.cur.execute(query_string) - return cls.cur.fetchone() + result = cls.cur.fetchone() + return result @classmethod def retrieve_all(cls, query_string): diff --git a/app/api/v2/models.py b/app/api/v2/models.py index 3526fbc..6ca8325 100644 --- a/app/api/v2/models.py +++ b/app/api/v2/models.py @@ -33,7 +33,15 @@ def order_list(self): query = """SELECT item_name, destination, status, current_location, order_id FROM orders ORDER BY order_id ASC;""" resp = SenditDb.retrieve_all(query) return resp - + def retrieve_single_order(self, parcel_id): + """ + retrieves an order by id + """ + + query = """SELECT * FROM orders WHERE order_id={}""".format(parcel_id) + resp = SenditDb.retrieve_one(query) + return resp + def update_destination(self, new_dest, parcel_id): """ updates the destination of a user's parcels @@ -41,6 +49,7 @@ def update_destination(self, new_dest, parcel_id): payload = { "updated_destination" : new_dest } + input_query = """SELECT destination FROM orders WHERE order_id={}""".format(parcel_id) response = SenditDb.retrieve_one(input_query) if not response: diff --git a/app/api/v2/views.py b/app/api/v2/views.py index 65a4a91..c3f1b25 100644 --- a/app/api/v2/views.py +++ b/app/api/v2/views.py @@ -113,6 +113,28 @@ def get(self): "message" : "No orders in the database" }), 400) +class IndividualParcel(Resource): + """ + class for API endpoints for retrieving single order and cancelling particular order + """ + def get(self, id): + """ + get method to retrieve order by id + """ + + individ_order = order.order_list() + + for parcel in individ_order: + if parcel["order_id"] == id: + return make_response(jsonify({ + "message" : "Ok", + "order" : parcel + }), 200) + else: + response = { + "message" : "Invalid id" + } + return make_response(jsonify(response), 400) class ParcelDestination(Resource): """ 
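Review bot: `retrieve_single_order` builds its query with `.format(parcel_id)`, so the value taken from the URL becomes part of the SQL text instead of a bound parameter. The same pattern is in `update_destination` in this file and recurs later in the series in `check_duplicate_email`, `check_admin` and `get_email_by_id`; the e-mail case places registration input inside quotes. `insert_fetch_from_db` already takes a tuple, so the read helpers should too: let `retrieve_one`/`retrieve_all` accept a parameter tuple and pass it to `cls.cur.execute(query_string, params)`, then write `query = "SELECT * FROM orders WHERE order_id = %s"` and `resp = SenditDb.retrieve_one(query, (parcel_id,))`. Whether the route restricts `parcel_id` to an integer is not visible here, and the query should not rely on it.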
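Review bot: `IndividualParcel.get` returns an order to any caller, because it neither reads an `Authorization` header nor compares the order's owner with the requester, so every order id is readable by anyone who can reach the endpoint. It also scans `order.order_list()`, whose SELECT omits `user_id`, instead of using the `retrieve_single_order` helper added in the same commit; fetching the one row and returning it only when its owner matches the authenticated user would close that gap. Indentation is lost in this view, so it is unclear whether the `else` pairs with the `for` or with the inner `if`; in the second case the handler answers 400 on the first non-matching row. An unknown id would be better reported as 404 than 400.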
diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index caaba9d..d059c36 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -20,7 +20,7 @@ def add_user(self, email, password): return False user_query = """INSERT INTO users (email, password) VALUES (%s, %s) RETURNING email, id""" tup = (email, hashed_password) - resp = SenditDb.add_to_db(user_query, tup) + resp = SenditDb.insert_fetch_from_db(user_query, tup) payload = resp return payload From acd2068eaeccbf0a2db5a973b825a241ea7c496d Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 15:22:05 +0300 Subject: [PATCH 02/38] [starts #162530597] add logic to check user role before consuming endpoint --- .coverage | 2 +- .gitignore | 1 + app/api/v2/dbmodel.py | 2 +- app/api/v2/models.py | 9 +++ app/api/v2/views.py | 69 +++++++++++++------ app/auth/v2/models.py | 45 ++++++++++-- app/auth/v2/views.py | 17 +++-- .../{v2 => }/test_create_parcel_edgecases.py | 0 app/tests/{v2 => }/test_edgecases.py | 0 app/tests/{v2 => }/test_login.py | 0 app/tests/{v2 => }/test_parcels.py | 0 app/tests/{v2 => }/test_register.py | 0 app/tests/v1/__init__.py | 0 app/tests/v2/__init__.py | 0 app/utilities/token_function.py | 1 + 15 files changed, 112 insertions(+), 34 deletions(-) rename app/tests/{v2 => }/test_create_parcel_edgecases.py (100%) rename app/tests/{v2 => }/test_edgecases.py (100%) rename app/tests/{v2 => }/test_login.py (100%) rename app/tests/{v2 => }/test_parcels.py (100%) rename app/tests/{v2 => }/test_register.py (100%) delete mode 100644 app/tests/v1/__init__.py delete mode 100644 app/tests/v2/__init__.py diff --git a/.coverage b/.coverage index 2eaa58b..5b6d14f 100644 --- a/.coverage +++ b/.coverage 
@@ -1 +1 @@ -!coverage.py: This is a private format, don't read it directly!{"arcs":{"/home/ipaullly/dev/parcels/sendIT/app/utilities/__init__.py":[[-1,1],[1,-1]],"/home/ipaullly/dev/parcels/sendIT/app/utilities/validation_functions.py":[[-1,1],[1,3],[3,10],[10,17],[17,-1],[-3,4],[4,5],[5,6],[6,-3],[5,8],[8,-3],[-10,11],[11,12],[12,13],[13,-10],[-17,18],[18,19],[19,21],[21,22],[22,23],[23,-17],[12,15],[15,-10]],"/home/ipaullly/dev/parcels/sendIT/app/utilities/JWT_token.py":[]}} \ No newline at end of file +!coverage.py: This is a private format, don't read it directly!{"arcs":{"/home/ipaullly/dev/parcels/sendIT/app/__init__.py":[[-1,1],[1,2],[2,3],[3,4],[4,5],[5,6],[6,7],[7,16],[16,-1]],"/home/ipaullly/dev/parcels/sendIT/app/config.py":[[-1,1],[1,3],[-3,3],[3,6],[6,7],[7,8],[8,9],[9,-3],[3,11],[-11,11],[11,14],[14,15],[15,16],[16,-11],[11,18],[-18,18],[18,21],[21,22],[22,23],[23,24],[24,-18],[18,26],[-26,26],[26,29],[29,30],[30,31],[31,-26],[26,34],[34,35],[35,36],[36,-1]],"/home/ipaullly/dev/parcels/sendIT/app/api/__init__.py":[[-1,1],[1,-1]],"/home/ipaullly/dev/parcels/sendIT/app/api/v1/__init__.py":[[-1,1],[1,2],[2,4],[4,6],[6,8],[8,10],[10,11],[11,12],[12,13],[13,-1]],"/home/ipaullly/dev/parcels/sendIT/app/api/v1/views.py":[[-1,1],[1,2],[2,3],[3,4],[4,6],[6,8],[-8,8],[8,11],[11,12],[12,54],[54,-8],[8,64],[-64,64],[64,67],[67,68],[68,-64],[64,85],[-85,85],[85,88],[88,89],[89,-85],[85,102],[-102,102],[102,105],[105,106],[106,-102],[102,-1]],"/home/ipaullly/dev/parcels/sendIT/app/api/v1/models.py":[[-2,2],[2,4],[-4,4],[4,7],[7,8],[8,12],[12,28],[28,34],[34,45],[45,56],[56,-4],[4,-2],[-8,9],[9,10],[10,-8]],"/home/ipaullly/dev/parcels/sendIT/app/utilities/__init__.py":[[-1,1],[1,-1]],"/home/ipaullly/dev/parcels/sendIT/app/utilities/validation_functions.py":[[-1,1],[1,3],[3,7],[7,14],[14,22],[22,-1]],"/home/ipaullly/dev/parcels/sendIT/app/api/v2/__init__.py":[[-1,1],[1,2],[2,4],[4,7],[7,9],[9,11],[11,12],[12,13],[13,14],[14,15],[15,16],[16,17],[17,-1]],"/home/ipaullly
/dev/parcels/sendIT/app/api/v2/views.py":[[-1,1],[1,2],[2,6],[6,7],[7,8],[8,10],[10,12],[12,29],[-29,29],[29,32],[32,33],[33,119],[119,-29],[29,133],[-133,133],[133,136],[136,137],[137,-133],[133,156],[-156,156],[156,159],[159,160],[160,-156],[156,199],[-199,199],[199,202],[202,203],[203,-199],[199,249],[-249,249],[249,252],[252,253],[253,-249],[249,292],[-292,292],[292,295],[295,296],[296,-292],[292,328],[-328,328],[328,331],[331,332],[332,-328],[328,-1]],"/home/ipaullly/dev/parcels/sendIT/app/utilities/token_function.py":[[-1,1],[1,2],[2,4],[4,-1]],"/home/ipaullly/dev/parcels/sendIT/app/api/v2/models.py":[[-2,2],[2,4],[-4,4],[4,7],[7,8],[8,29],[29,36],[36,45],[45,61],[61,76],[76,91],[91,103],[103,-4],[4,-2]],"/home/ipaullly/dev/parcels/sendIT/app/api/v2/dbmodel.py":[[-1,1],[1,2],[2,3],[3,5],[-5,5],[5,8],[8,9],[9,17],[17,42],[42,50],[50,59],[59,67],[67,76],[76,84],[84,93],[93,-5],[5,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/__init__.py":[[-1,1],[1,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/v1/__init__.py":[[-1,1],[1,2],[2,4],[4,6],[6,8],[8,10],[10,11],[11,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/v1/views.py":[[-1,1],[1,2],[2,3],[3,4],[4,6],[-6,6],[6,9],[9,10],[10,-6],[6,47],[-47,47],[47,50],[50,51],[51,-47],[47,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/v1/models.py":[[-1,1],[1,2],[2,3],[3,4],[4,6],[-6,6],[6,9],[9,10],[10,15],[15,-6],[6,18],[-10,11],[11,12],[12,13],[13,14],[14,-10],[18,20],[-20,20],[20,23],[23,24],[24,-20],[20,31],[-31,31],[31,34],[34,35],[35,42],[42,52],[52,60],[60,67],[67,86],[86,-31],[31,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/v2/__init__.py":[[-1,1],[1,2],[2,4],[4,6],[6,8],[8,10],[10,11],[11,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/v2/views.py":[[-1,1],[1,2],[2,5],[5,6],[6,8],[8,10],[-10,10],[10,13],[13,14],[14,-10],[10,58],[-58,58],[58,61],[61,62],[62,-58],[58,-1]],"/home/ipaullly/dev/parcels/sendIT/app/auth/v2/models.py":[[-1,1],[1,2],[2,3],[3,4],[4,7],[7,11],[-11,11],[11,14],[14,15],[15,27],[27,34]
,[34,42],[42,51],[51,-11],[11,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/__init__.py":[[-1,1],[1,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/test_create_parcel_edgecases.py":[[-1,1],[1,2],[2,5],[5,6],[6,8],[-8,8],[8,11],[11,12],[12,54],[54,57],[57,62],[62,67],[67,72],[72,77],[77,-8],[8,84],[84,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/test_edgecases.py":[[-1,1],[1,2],[2,5],[5,6],[6,8],[-8,8],[8,11],[11,12],[12,46],[46,49],[49,58],[58,64],[64,70],[70,77],[77,83],[83,-8],[8,89],[89,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/test_login.py":[[-1,1],[1,2],[2,5],[5,6],[6,8],[-8,8],[8,11],[11,12],[12,25],[25,35],[35,42],[42,-8],[8,45],[45,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/test_parcels.py":[[-1,1],[1,2],[2,5],[5,6],[6,8],[-8,8],[8,11],[11,12],[12,27],[27,30],[30,39],[39,50],[50,60],[60,70],[70,-8],[8,82],[82,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/test_register.py":[[-1,1],[1,2],[2,5],[5,6],[6,8],[-8,8],[8,11],[11,12],[12,25],[25,29],[29,35],[35,-8],[8,43],[43,-1]],"/home/ipaullly/dev/parcels/sendIT/app/tests/v1/__init__.py":[],"/home/ipaullly/dev/parcels/sendIT/app/tests/v2/__init__.py":[]}} \ No newline at end of file diff --git a/.gitignore b/.gitignore index 33b3291..15ea6e1 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ venv .vscode *.pytest_cache .travis.yml +*.pytest_cache diff --git a/app/api/v2/dbmodel.py b/app/api/v2/dbmodel.py index 0db05aa..a5de5c5 100644 --- a/app/api/v2/dbmodel.py +++ b/app/api/v2/dbmodel.py @@ -33,7 +33,7 @@ def build_all(cls): CREATE TABLE IF NOT EXISTS users ( id serial PRIMARY KEY NOT NULL, email character varying(50) NOT NULL, - role BIT, + role character varying(50), password character varying(300) NOT NULL );""" ) diff --git a/app/api/v2/models.py b/app/api/v2/models.py index 6ca8325..c66831c 100644 --- a/app/api/v2/models.py +++ b/app/api/v2/models.py 
@@ -33,6 +33,15 @@ def order_list(self): query = """SELECT item_name, destination, status, current_location, order_id FROM orders ORDER BY order_id ASC;""" resp = SenditDb.retrieve_all(query) return resp + + def order_identification(self): + """ + retrieves object containing user and order ids + """ + query = """SELECT user_id, order_id FROM orders ORDER BY order_id ASC;""" + resp = SenditDb.retrieve_all(query) + return resp + def retrieve_single_order(self, parcel_id): """ retrieves an order by id diff --git a/app/api/v2/views.py b/app/api/v2/views.py index c3f1b25..c83937c 100644 --- a/app/api/v2/views.py +++ b/app/api/v2/views.py @@ -6,8 +6,10 @@ from app.utilities.token_function import decode_token from app.utilities.validation_functions import check_for_space, check_createparcel_keys from app.api.v2.models import OrderParcel +from app.auth.v2.models import User order = OrderParcel() +user = User() class ParcelList(Resource): """ @@ -17,7 +19,6 @@ def post(self): """ post method to add new order to list of orders """ - """ auth_header = request.headers.get('Authorization') if not auth_header: return make_response(jsonify({ @@ -35,14 +36,14 @@ def post(self): return make_response(jsonify({ "message" : "Invalid token type" }), 400) - """ + try: data = request.get_json() item = data['item'] pickup = data['pickup'] dest = data['dest'] pricing = data['pricing'] - author = data['user_id'] + #author = data['user_id'] status = "pending" current_location = "sendIT HQ" except Exception: @@ -55,11 +56,6 @@ def post(self): "message" : "pricing field can only contain numbers" }), 400) - if not author.isdigit(): - return make_response(jsonify({ - "message" : "user field can only contain a numeral" - }), 400) - if not check_for_space(item): return make_response(jsonify({ "message" : "Invalid item name format" 
@@ -80,14 +76,7 @@ def post(self): "message" : "Invalid price value" }), 400) - - if not check_for_space(author): - return make_response(jsonify({ - "message" : "Invalid user id" - }), 400) - - - res = order.create_order(item, pickup, dest, pricing, author, status, current_location) + res = order.create_order(item, pickup, dest, pricing, user_id, status, current_location) if res == "User already ordered this item": return make_response(jsonify({ @@ -162,14 +151,29 @@ def put(self, id): "message" : "Invalid token type" }), 400) - new_destination = request.get_json()['new_destination'] + individ_order = order.order_identification() + + for parcel in individ_order: + if parcel["order_id"] == id: + if not parcel["user_id"] == user_id: + return make_response(jsonify({ + "message" : "Sorry you cannot edit the destination of orders you did not place." + }), 400) + + try: + new_destination = request.get_json()['new_destination'] + except Exception: + return make_response(jsonify({ + "message" : "invalid new destination key" + }), 400) + if not check_for_space(new_destination): return make_response(jsonify({ "message" : "Invalid destination value" }), 400) - + updated_parcel = order.update_destination(new_destination, id) if updated_parcel: return make_response(jsonify({ @@ -206,7 +210,20 @@ def put(self, id): return make_response(jsonify({ "message" : "Invalid token type" }), 400) - order_status = request.get_json()['status'] + + admin = user.check_admin(user_id) + + if not admin: + return make_response(jsonify({ + "message" : "action only accessible to accounts with admin privileges" + }), 403) + + try: + order_status = request.get_json()['status'] + except Exception: + return make_response(jsonify({ + "message" : "invalid status key" + }), 400) if order_status == 'In transit' or order_status == 'Arrived': 
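Review bot: The ownership check in `ParcelDestination.put` only rejects when the loop finds a row with this `order_id` that belongs to someone else; if no row compares equal to `id`, control falls through to `order.update_destination(new_destination, id)`. The route converter is not visible here, so if `id` arrives as a string while `order_id` is an integer, the Python `==` never matches and the check is skipped, while the SQL in `update_destination` could still match the row. Deny by default instead: look up the single order and proceed only when `row is not None and row["user_id"] == user_id`, answering 403 as the admin checks in `ParcelStatus.put` and `ParcelCurrentLocation.put` do rather than 400. `user_id` is assigned outside the hunk.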
@@ -250,8 +267,20 @@ def put(self, id): return make_response(jsonify({ "message" : "Invalid token type" }), 400) + + admin = user.check_admin(user_id) + + if not admin: + return make_response(jsonify({ + "message" : "action only accessible to accounts with admin privileges" + }), 403) - order_location = request.get_json()['current_location'] + try: + order_location = request.get_json()['current_location'] + except Exception: + return make_response(jsonify({ + "message" : "invalid current location key" + }), 400) new_location = order.update_current_location(order_location, id) if new_location: diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index d059c36..469691d 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py 
@@ -12,17 +12,41 @@ class User: """ class to register user and generate tokens """ - def add_user(self, email, password): + def add_user(self, email, password, role): hashed_password = generate_password_hash(password) - email_query = """SELECT * FROM users WHERE email = '{}'""".format(email) - duplicate_email = SenditDb.retrieve_all(email_query) - if duplicate_email: - return False - user_query = """INSERT INTO users (email, password) VALUES (%s, %s) RETURNING email, id""" - tup = (email, hashed_password) + + user_query = """INSERT INTO users (email, password, role) VALUES (%s, %s, %s) RETURNING email, role, id""" + tup = (email, hashed_password, role) resp = SenditDb.insert_fetch_from_db(user_query, tup) payload = resp return payload + + def check_duplicate_email(self, email): + + email_query = """SELECT * FROM users WHERE email = '{}'""".format(email) + duplicate_email = SenditDb.retrieve_all(email_query) + if duplicate_email: + return True + + def check_admin(self, user_id): + """ + method checks whether a user is an admin by id + """ + admin_query = """SELECT role FROM users WHERE id = {}""".format(user_id) + user_role = SenditDb.retrieve_all(admin_query) + if user_role[0]['role'] == 'admin': + return True + + def check_role(self): + """ + method returns True if an account with admin privileges already exists in the database + """ + role_query = """SELECT role FROM users ORDER BY id ASC;""" + user_roles = SenditDb.retrieve_all(role_query) + print(user_roles) + for role in user_roles: + if role['role'] == 'admin': + return True def get_user_by_email(self, email): email_query = """SELECT * FROM users WHERE email = '{}'""".format(email) 
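Review bot: `check_admin` indexes `user_role[0]` without checking that the query returned a row, so a token whose id has no matching user raises `IndexError`, which would presumably surface as a 500 instead of a refusal. `return bool(user_role) and user_role[0]['role'] == 'admin'` fails closed and returns a real boolean rather than an implicit `None`. `check_role` still carries `print(user_roles)`, a debugging leftover that writes every account's role to stdout on each registration and should be removed. `check_duplicate_email` is now a separate step from the INSERT and the `users` table declares no UNIQUE constraint on `email`, so two concurrent registrations can both pass the check.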
@@ -30,6 +54,13 @@ def get_user_by_email(self, email): if not response: return False return response + + def get_email_by_id(self, id): + query = """SELECT email FROM users WHERE id = '{}'""".format(id) + response = SenditDb.retrieve_all(query) + if not response: + return False + return response def validate_password(self, password, user_email): diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 671b895..6387186 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -40,16 +40,23 @@ def post(self): 'message' : 'Ensure your password is at least 8 charaters and includes an Uppercase letter' } return make_response(jsonify(response), 400) - - new_user = user.add_user(email, password) - - if not new_user: + + checked_email = user.check_duplicate_email(email) + if checked_email: response = { 'message' : 'User with the email already exists' } return make_response(jsonify(response), 400) + + role = user.check_role() + + if role: + user_role = "user" + if not role: + user_role = "admin" - + new_user = user.add_user(email, password, user_role) + return make_response(jsonify({ 'message' : 'you have successfully registered an account', 'data' : new_user diff --git a/app/tests/v2/test_create_parcel_edgecases.py b/app/tests/test_create_parcel_edgecases.py similarity index 100% rename from app/tests/v2/test_create_parcel_edgecases.py rename to app/tests/test_create_parcel_edgecases.py diff --git a/app/tests/v2/test_edgecases.py b/app/tests/test_edgecases.py similarity index 100% rename from app/tests/v2/test_edgecases.py rename to app/tests/test_edgecases.py diff --git a/app/tests/v2/test_login.py b/app/tests/test_login.py similarity index 100% rename from app/tests/v2/test_login.py rename to app/tests/test_login.py diff --git a/app/tests/v2/test_parcels.py b/app/tests/test_parcels.py similarity index 100% rename from app/tests/v2/test_parcels.py rename to app/tests/test_parcels.py 
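Review bot: The registration handler grants `admin` to whoever registers while `check_role()` finds no admin, so on a fresh or emptied `users` table the first caller of this endpoint receives full privileges, and two simultaneous registrations can both be made admin. Create the admin account out of band (a seed step or a management command) and always register with `new_user = user.add_user(email, password, "user")`. If the bootstrap is kept, the two `if` statements reduce to `user_role = "user" if role else "admin"`. The `post` method starts and ends outside the hunk.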
diff --git a/app/tests/v2/test_register.py b/app/tests/test_register.py similarity index 100% rename from app/tests/v2/test_register.py rename to app/tests/test_register.py diff --git a/app/tests/v1/__init__.py b/app/tests/v1/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/app/tests/v2/__init__.py b/app/tests/v2/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/app/utilities/token_function.py b/app/utilities/token_function.py index b71265f..95e3c3a 100644 --- a/app/utilities/token_function.py +++ b/app/utilities/token_function.py @@ -15,3 +15,4 @@ def decode_token(token): except jwt.InvalidTokenError: #the token is not valid, throw error return "Unworthy token. Please login to get fresh authorization" + From 2ec7f9e8b94f2ab4b7dde4547fed9610098d1b8f Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 15:32:02 +0300 Subject: [PATCH 03/38] [finishes #162530597] deploy app to heroku --- Procfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Procfile b/Procfile index 62e430a..8abb376 100644 --- a/Procfile +++ b/Procfile @@ -1 +1 @@ -web: gunicorn 'app:create_app()' \ No newline at end of file +web: gunicorn 'app:create_app(config_option="ProdConfig")' \ No newline at end of file From 81284a9fda28f070fbc335f24894527c3c097c49 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 15:38:55 +0300 Subject: [PATCH 04/38] remove pkg-resources --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 2907d91..e5b8ed2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -19,7 +19,6 @@ lazy-object-proxy==1.3.1 MarkupSafe==1.0 mccabe==0.6.1 more-itertools==4.3.0 -pkg-resources==0.0.0 pluggy==0.8.0 psycopg2-binary==2.7.6 py==1.7.0 From f2b307183ae0363bd3aaf8e6dec8ebfd35fce5af Mon Sep 17 00:00:00 2001 
From: ipaullly Date: Sun, 9 Dec 2018 16:06:37 +0300 Subject: [PATCH 05/38] modify Procfile --- Procfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Procfile b/Procfile index 8abb376..62e430a 100644 --- a/Procfile +++ b/Procfile @@ -1 +1 @@ -web: gunicorn 'app:create_app(config_option="ProdConfig")' \ No newline at end of file +web: gunicorn 'app:create_app()' \ No newline at end of file From de260569c35296dc64d101574ce8d97ba9a21b19 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 16:08:17 +0300 Subject: [PATCH 06/38] modify Procfile --- Procfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Procfile b/Procfile index 62e430a..8abb376 100644 --- a/Procfile +++ b/Procfile @@ -1 +1 @@ -web: gunicorn 'app:create_app()' \ No newline at end of file +web: gunicorn 'app:create_app(config_option="ProdConfig")' \ No newline at end of file From a465499d971acac91523e3c041c84de64d8f99c9 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 16:13:29 +0300 Subject: [PATCH 07/38] modify Procfile --- Procfile | 2 +- app/__init__.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Procfile b/Procfile index 8abb376..62e430a 100644 --- a/Procfile +++ b/Procfile @@ -1 +1 @@ -web: gunicorn 'app:create_app(config_option="ProdConfig")' \ No newline at end of file +web: gunicorn 'app:create_app()' \ No newline at end of file diff --git a/app/__init__.py b/app/__init__.py index 6e73b48..fc30572 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -13,7 +13,7 @@ #from .auth.v1 import auth #from .auth.v2 import auth2 -def create_app(config_option="DevConfig"): +def create_app(config_option="ProdConfig"): """ Initialize the app for a development environment """ From 4d84f4d437e80e4ccceae5ced36ac7cd042c3a8f Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 16:14:57 +0300 Subject: [PATCH 08/38] modify Procfile --- Procfile | 2 +- app/__init__.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/Procfile b/Procfile index 62e430a..8abb376 100644 --- a/Procfile +++ b/Procfile @@ -1 +1 @@ -web: gunicorn 'app:create_app()' \ No newline at end of file +web: gunicorn 'app:create_app(config_option="ProdConfig")' \ No newline at end of file diff --git a/app/__init__.py b/app/__init__.py index fc30572..6e73b48 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -13,7 +13,7 @@ #from .auth.v1 import auth #from .auth.v2 import auth2 -def create_app(config_option="ProdConfig"): +def create_app(config_option="DevConfig"): """ Initialize the app for a development environment """ From eea7dcba44521aa7fb1bdf12ff8c054a8d8108ec Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 16:25:22 +0300 Subject: [PATCH 09/38] modify app/__init__.py --- app/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/__init__.py b/app/__init__.py index 6e73b48..0cd162b 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -19,7 +19,7 @@ def create_app(config_option="DevConfig"): """ app = Flask(__name__) app.config.from_object(config.config[config_option]) - SenditDb.start_db(app.config['DATABASE_URI']) + SenditDb.start_db(app.config['ProdConfig']) SenditDb.build_all() app.register_blueprint(version1) app.register_blueprint(version2) From ac65c83dfbbb638769d2465e1f52fe69532f2915 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 16:44:41 +0300 Subject: [PATCH 10/38] modify app/__init__.py --- app/__init__.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/__init__.py b/app/__init__.py index 0cd162b..54b9167 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -19,7 +19,8 @@ def create_app(config_option="DevConfig"): """ app = Flask(__name__) app.config.from_object(config.config[config_option]) - SenditDb.start_db(app.config['ProdConfig']) + app.config.from_pyfile('config.py') + SenditDb.start_db(app) SenditDb.build_all() app.register_blueprint(version1) app.register_blueprint(version2) 
From 7b5af8f318b0e5c17d1e709d942aaa282cff9532 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 16:58:01 +0300 Subject: [PATCH 11/38] modify app/__init__.py --- app/__init__.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/__init__.py b/app/__init__.py index 54b9167..dcc983f 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -19,8 +19,7 @@ def create_app(config_option="DevConfig"): """ app = Flask(__name__) app.config.from_object(config.config[config_option]) - app.config.from_pyfile('config.py') - SenditDb.start_db(app) + SenditDb.start_db('postgres://vhgobajxbehppp:b05d8b59b7552e74c763d86945c5b29c2fd11c5e000cfc417190eca27f8eb3d5@ec2-54-204-40-248.compute-1.amazonaws.com:5432/d4v7duckviarp9') SenditDb.build_all() app.register_blueprint(version1) app.register_blueprint(version2) From 4dfa2a007c090c6eb3c371e8b5145ec18b21eeac Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 19:55:57 +0300 Subject: [PATCH 12/38] remove str decode method --- app/__init__.py | 1 + app/auth/v2/views.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/app/__init__.py b/app/__init__.py index dcc983f..2dedf3b 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -19,6 +19,7 @@ def create_app(config_option="DevConfig"): """ app = Flask(__name__) app.config.from_object(config.config[config_option]) + #SenditDb.start_db(app.config['DATABASE_URI']) SenditDb.start_db('postgres://vhgobajxbehppp:b05d8b59b7552e74c763d86945c5b29c2fd11c5e000cfc417190eca27f8eb3d5@ec2-54-204-40-248.compute-1.amazonaws.com:5432/d4v7duckviarp9') SenditDb.build_all() app.register_blueprint(version1) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 6387186..cb63622 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py 
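Review bot: `SenditDb.start_db(...)` is now called with a literal `postgres://` URI that embeds the database user and password, which puts a live credential into the repository history; the next commit in this series keeps the literal and only adds the config lookup as a comment. Restore `SenditDb.start_db(app.config['DATABASE_URI'])` and have the production config read the URI from the environment, so the secret never appears in source. Because the value has already been committed, the database password should be rotated as well. `create_app` starts and ends outside the hunk.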
@@ -106,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : auth_token.decode() + 'data' : auth_token } return make_response(jsonify(response), 200) \ No newline at end of file From a63856a8e629d4b913c58cb607665f20a9351d37 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 20:01:29 +0300 Subject: [PATCH 13/38] add decode method --- app/auth/v2/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index cb63622..16356eb 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -106,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : auth_token + 'data' : auth_token.decode("utf-8") } return make_response(jsonify(response), 200) \ No newline at end of file From 6c10cb29d61725469ac73420242a895bae75afa4 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 22:11:54 +0300 Subject: [PATCH 14/38] add convert from byte to string function --- app/auth/v2/views.py | 5 ++++- app/utilities/token_function.py | 5 +++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 16356eb..89dab36 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -4,6 +4,7 @@ #from ...utilities.validation_functions import check_for_space, check_email_format, check_password_strength from app.auth.v2.models import User from app.utilities.validation_functions import check_for_space, check_email_format, check_password_strength +from app.utilities.token_function import convert_token user = User() @@ -98,6 +99,8 @@ def post(self): } return make_response(jsonify(response), 401) auth_token = user.generate_token(user_id) + + str_token = convert_token(auth_token) if not auth_token: response = { 
@@ -106,7 +109,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : auth_token.decode("utf-8") + 'data' : str_token } return make_response(jsonify(response), 200) \ No newline at end of file diff --git a/app/utilities/token_function.py b/app/utilities/token_function.py index 95e3c3a..03f2584 100644 --- a/app/utilities/token_function.py +++ b/app/utilities/token_function.py @@ -16,3 +16,8 @@ def decode_token(token): #the token is not valid, throw error return "Unworthy token. Please login to get fresh authorization" +def convert_token(auth_token): + """ + function to change generated token from byte to string + """ + return "".join( chr(x) for x in auth_token) \ No newline at end of file From dd154143d630247eb9624f0231e908b0d6a727f9 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 22:16:55 +0300 Subject: [PATCH 15/38] Add decode to ASCII --- app/auth/v2/views.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 89dab36..8e38c8e 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -4,7 +4,6 @@ #from ...utilities.validation_functions import check_for_space, check_email_format, check_password_strength from app.auth.v2.models import User from app.utilities.validation_functions import check_for_space, check_email_format, check_password_strength -from app.utilities.token_function import convert_token user = User() @@ -99,8 +98,6 @@ def post(self): } return make_response(jsonify(response), 401) auth_token = user.generate_token(user_id) - - str_token = convert_token(auth_token) if not auth_token: response = { @@ -109,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : str_token + 'data' : auth_token.decode('ASCII') } return make_response(jsonify(response), 200) \ No newline at end of file 
From c6f4e862da25b377cfb2a9142a0150632f02808d Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 22:22:17 +0300 Subject: [PATCH 16/38] add str() function --- app/auth/v2/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 8e38c8e..6feb539 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -106,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : auth_token.decode('ASCII') + 'data' : str(auth_token) } return make_response(jsonify(response), 200) \ No newline at end of file From 7bd37342e5d2c644eef03cb8ea72b0dc6877b0ff Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 22:24:11 +0300 Subject: [PATCH 17/38] move str() function --- app/auth/v2/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 6feb539..8586659 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -98,7 +98,7 @@ def post(self): } return make_response(jsonify(response), 401) auth_token = user.generate_token(user_id) - + str_token = str(auth_token) if not auth_token: response = { 'message' : 'token generation failed' @@ -106,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : str(auth_token) + 'data' : str_token } return make_response(jsonify(response), 200) \ No newline at end of file From 2dc6a4b8ab41483e5a254156473727630352953a Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 22:31:24 +0300 Subject: [PATCH 18/38] move str() function --- app/auth/v2/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 8586659..e77b08e 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py 
@@ -98,7 +98,7 @@ def post(self): } return make_response(jsonify(response), 401) auth_token = user.generate_token(user_id) - str_token = str(auth_token) + if not auth_token: response = { 'message' : 'token generation failed' @@ -106,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : str_token + 'data' : auth_token.hex() } return make_response(jsonify(response), 200) \ No newline at end of file From d3d0d7b7897967ee272148118cba107a7c169332 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Sun, 9 Dec 2018 22:39:17 +0300 Subject: [PATCH 19/38] add decode() function in user model --- app/auth/v2/models.py | 8 ++------ app/auth/v2/views.py | 2 +- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 469691d..a136031 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -27,7 +27,7 @@ def check_duplicate_email(self, email): duplicate_email = SenditDb.retrieve_all(email_query) if duplicate_email: return True - + def check_admin(self, user_id): """ method checks whether a user is an admin by id @@ -80,11 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode( - payload, - os.environ.get('SECRET_KEY'), - algorithm='HS256' - ) + token = jwt.encode(payload, os.environ.get('SECRET_KEY'), algorithm='HS256').decode('utf-8') return token except Exception as err: return str(err) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index e77b08e..cb63622 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -106,7 +106,7 @@ def post(self): return make_response(jsonify(response), 401) response = { 'message' : 'Successfully logged in', - 'data' : auth_token.hex() + 'data' : auth_token } return make_response(jsonify(response), 200) \ No newline at end of file From d4d08432f7393537f8860e049ba6dac7a290aadb Mon Sep 17 00:00:00 2001 
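Review bot: In the `generate_token` hunk of app/auth/v2/models.py (PATCH 19/38), the new `.decode('utf-8')` sits inside a `try` whose handler is `except Exception as err: return str(err)`, so any failure comes back as a non-empty string. The login view only tests `if not auth_token`, so that string passes the check and is returned as `'data'` with status 200, which hands the client an unusable token and discloses internal exception text. An unset `SECRET_KEY` is one likely way to get there, since `os.environ.get('SECRET_KEY')` then yields `None`. Have the handler return `None` and record the exception server-side so the existing 401 branch fires; the handler in PATCH 33/38, `return "problem with the token generation"`, has the same truthiness problem. `generate_token` starts outside the hunk.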
From: ipaullly Date: Sun, 9 Dec 2018 22:42:13 +0300 Subject: [PATCH 20/38] add decode() function in user model --- app/auth/v2/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index a136031..95a93b2 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -80,7 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode(payload, os.environ.get('SECRET_KEY'), algorithm='HS256').decode('utf-8') + token = jwt.encode(payload, os.environ.get('SECRET_KEY'), 'HS256').decode('utf-8') return token except Exception as err: return str(err) From 79e323b911ad3eb68c7234dcbb5fe87657e610be Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 11:18:55 +0300 Subject: [PATCH 21/38] add codecs module --- app/auth/v2/models.py | 2 +- app/auth/v2/views.py | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 95a93b2..1df1a28 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -80,7 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode(payload, os.environ.get('SECRET_KEY'), 'HS256').decode('utf-8') + token = jwt.encode(payload, os.environ.get('SECRET_KEY'), 'HS256') return token except Exception as err: return str(err) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index cb63622..b0d8535 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -1,3 +1,4 @@ +import codecs from flask_restful import Resource from flask import make_response,jsonify, request #from ...auth.v2.models import User @@ -97,6 +98,7 @@ def post(self): 'message' : 'incorrect login credentials. please enter details again' } return make_response(jsonify(response), 401) + auth_token = user.generate_token(user_id) if not auth_token: 
@@ -104,9 +106,12 @@ def post(self): 'message' : 'token generation failed' } return make_response(jsonify(response), 401) + + str_token = codecs.decode(auth_token, encoding='utf-8', errors='strict') + response = { 'message' : 'Successfully logged in', - 'data' : auth_token + 'data' : str_token } return make_response(jsonify(response), 200) \ No newline at end of file From 451327116b0f949f466c1285b08707ee4aa3e139 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 11:22:51 +0300 Subject: [PATCH 22/38] remove codecs module --- app/auth/v2/views.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index b0d8535..bb90887 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -106,8 +106,9 @@ def post(self): 'message' : 'token generation failed' } return make_response(jsonify(response), 401) + print(auth_token) - str_token = codecs.decode(auth_token, encoding='utf-8', errors='strict') + str_token = auth_token.decode('utf-8', 'backslashreplace') response = { 'message' : 'Successfully logged in', From 894aeafd6d5f9d226a30d8cebb3be2e22fd7072f Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 11:25:09 +0300 Subject: [PATCH 23/38] add str() function --- app/auth/v2/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index bb90887..c554f6c 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -108,7 +108,7 @@ def post(self): return make_response(jsonify(response), 401) print(auth_token) - str_token = auth_token.decode('utf-8', 'backslashreplace') + str_token = str(auth_token, encoding) response = { 'message' : 'Successfully logged in', From 102d4fd24125756f16351ff5e60725df3957aaae Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 11:47:09 +0300 Subject: [PATCH 24/38] add arguments to str() function --- app/auth/v2/views.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) 
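Review bot: The added `print(auth_token)` in the login `post` hunk of PATCH 22/38 (app/auth/v2/views.py) writes a live bearer token to stdout, where it will typically end up in the server's log output. A token in a log is usable by anyone who can read that log for as long as the token stays valid, so the line should be dropped or replaced by a log entry that records only the user id. PATCH 32/38 repeats the pattern with `'data' : print(str_token)`, which also makes the response field `null` because `print` returns `None`. `post` starts and ends outside these hunks.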
diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index c554f6c..300688a 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -106,9 +106,8 @@ def post(self): 'message' : 'token generation failed' } return make_response(jsonify(response), 401) - print(auth_token) - - str_token = str(auth_token, encoding) + + str_token = str(object=auth_token, encoding='utf-8', errors='strict') response = { 'message' : 'Successfully logged in', From 41a5637603d7869dc49a1a3984af74dd3e1e385c Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 11:53:38 +0300 Subject: [PATCH 25/38] add decode() method --- app/auth/v2/models.py | 2 +- app/auth/v2/views.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 1df1a28..47df7e6 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -80,7 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode(payload, os.environ.get('SECRET_KEY'), 'HS256') + token = jwt.encode(payload, os.environ.get('SECRET_KEY')) return token except Exception as err: return str(err) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 300688a..b86b57a 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -107,11 +107,11 @@ def post(self): } return make_response(jsonify(response), 401) - str_token = str(object=auth_token, encoding='utf-8', errors='strict') + #str_token = str(object=auth_token, encoding='utf-8', errors='strict') response = { 'message' : 'Successfully logged in', - 'data' : str_token + 'data' : auth_token.decode("utf-8") } return make_response(jsonify(response), 200) \ No newline at end of file From 517653f405edf40e58a2d41f9a4c7fe85976b449 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 11:57:07 +0300 Subject: [PATCH 26/38] add encode() method --- app/auth/v2/views.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) 
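Review bot: The `generate_token` hunk in app/auth/v2/models.py (PATCH 25/38) drops the explicit `'HS256'` argument from `jwt.encode`, leaving the signing algorithm to the library default. Keeping it explicit, `jwt.encode(payload, os.environ.get('SECRET_KEY'), algorithm='HS256')`, documents the choice and lets the verifying side pin the same value. `decode_token` is not visible here, so confirm it passes `algorithms=['HS256']` rather than accepting whatever the token header names. `generate_token` starts outside the hunk.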
diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index b86b57a..94e790c 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -108,10 +108,11 @@ def post(self): return make_response(jsonify(response), 401) #str_token = str(object=auth_token, encoding='utf-8', errors='strict') - + str_token = auth_token.encode() + response = { 'message' : 'Successfully logged in', - 'data' : auth_token.decode("utf-8") + 'data' : str_token.decode("utf-8") } return make_response(jsonify(response), 200) \ No newline at end of file From c1ca18184bcad1d509b59e5eb9ea58bc5024a5a4 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 12:11:38 +0300 Subject: [PATCH 27/38] append decode() to token generation --- app/auth/v2/models.py | 2 +- app/auth/v2/views.py | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 47df7e6..2fb871c 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -80,7 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode(payload, os.environ.get('SECRET_KEY')) + token = jwt.encode(payload, os.environ.get('SECRET_KEY')).decode() return token except Exception as err: return str(err) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 94e790c..8f64418 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -108,11 +108,11 @@ def post(self): return make_response(jsonify(response), 401) #str_token = str(object=auth_token, encoding='utf-8', errors='strict') - str_token = auth_token.encode() - + #str_token = auth_token.encode() + response = { 'message' : 'Successfully logged in', - 'data' : str_token.decode("utf-8") + 'data' : auth_token } return make_response(jsonify(response), 200) \ No newline at end of file From deae9b5a2f18687fd315db8eefe3a07279c0b1ac Mon Sep 17 00:00:00 2001 
From: ipaullly Date: Mon, 10 Dec 2018 12:13:08 +0300 Subject: [PATCH 28/38] append decode() to token generation --- app/auth/v2/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 2fb871c..0083653 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -80,7 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode(payload, os.environ.get('SECRET_KEY')).decode() + token = jwt.encode(payload, os.environ.get('SECRET_KEY')).decode('utf-8', errors='ignore') return token except Exception as err: return str(err) From 06bceb4e25c03956f440d4010e115fc155f960d5 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 12:28:37 +0300 Subject: [PATCH 29/38] append decode() to token generation --- app/auth/v2/models.py | 2 +- app/auth/v2/views.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 0083653..47df7e6 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -80,7 +80,7 @@ def generate_token(self, userID): 'iat' : datetime.utcnow(), 'id' : userID } - token = jwt.encode(payload, os.environ.get('SECRET_KEY')).decode('utf-8', errors='ignore') + token = jwt.encode(payload, os.environ.get('SECRET_KEY')) return token except Exception as err: return str(err) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 8f64418..8afb8d3 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -112,7 +112,7 @@ def post(self): response = { 'message' : 'Successfully logged in', - 'data' : auth_token + 'data' : str(auth_token, 'utf-8') } return make_response(jsonify(response), 200) \ No newline at end of file From ecab8230d09979f6636f586bfe9babfdad7cfe91 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 12:38:20 +0300 Subject: [PATCH 30/38] debug decode of token --- app/auth/v2/views.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 8afb8d3..29fd501 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -109,10 +109,11 @@ def post(self): #str_token = str(object=auth_token, encoding='utf-8', errors='strict') #str_token = auth_token.encode() + str_token = ''.join(auth_token.split('b', 1)) response = { 'message' : 'Successfully logged in', - 'data' : str(auth_token, 'utf-8') + 'data' : str_token } return make_response(jsonify(response), 200) \ No newline at end of file From 66c59479d9230f166f14cc67994fada731ec1507 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 12:46:29 +0300 Subject: [PATCH 31/38] debug decode of token --- app/auth/v2/views.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 29fd501..4c7dcb1 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -109,7 +109,9 @@ def post(self): #str_token = str(object=auth_token, encoding='utf-8', errors='strict') #str_token = auth_token.encode() - str_token = ''.join(auth_token.split('b', 1)) + + token_to_string = str(auth_token) + str_token = ''.join(token_to_string.split('b', 1)) response = { 'message' : 'Successfully logged in', From c8346d355132313b6f42f6aa88987532abbce02e Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 12:49:32 +0300 Subject: [PATCH 32/38] debug decode of token --- app/auth/v2/views.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 4c7dcb1..d4f3ec8 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -115,7 +115,7 @@ def post(self): response = { 'message' : 'Successfully logged in', - 'data' : str_token + 'data' : print(str_token) } return make_response(jsonify(response), 200) \ No newline at end of file From cf4fb3242d690c733caefa76bba1c51bbd111c12 Mon Sep 17 00:00:00 2001 
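Review bot: In the login `post` hunk of PATCH 31/38 (app/auth/v2/views.py), `str(auth_token)` on a `bytes` token produces its repr, `b'...'`, and `''.join(token_to_string.split('b', 1))` removes only the first `b`, so the client receives the token wrapped in quote characters. If `generate_token` ever returns a `str`, the same line deletes the first `b` that occurs inside the token and corrupts it. Decoding is the direct fix: `str_token = auth_token.decode('utf-8') if isinstance(auth_token, bytes) else auth_token`. PATCH 30/38 calls `auth_token.split('b', 1)` directly, which raises `TypeError` on `bytes`, and PATCH 35/38 restores the PATCH 31 lines. `post` starts and ends outside these hunks.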
From: ipaullly Date: Mon, 10 Dec 2018 13:25:00 +0300 Subject: [PATCH 33/38] debug decode of token --- app/auth/v2/models.py | 4 ++-- app/auth/v2/views.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/auth/v2/models.py b/app/auth/v2/models.py index 47df7e6..5c42487 100644 --- a/app/auth/v2/models.py +++ b/app/auth/v2/models.py @@ -82,7 +82,7 @@ def generate_token(self, userID): } token = jwt.encode(payload, os.environ.get('SECRET_KEY')) return token - except Exception as err: - return str(err) + except Exception: + return "problem with the token generation" diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index d4f3ec8..4c7dcb1 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -115,7 +115,7 @@ def post(self): response = { 'message' : 'Successfully logged in', - 'data' : print(str_token) + 'data' : str_token } return make_response(jsonify(response), 200) \ No newline at end of file From 0221ec81245abc330196b7b173a82bfb01a07d29 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 16:43:08 +0300 Subject: [PATCH 34/38] comment out string operation --- app/auth/v2/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index 4c7dcb1..aea6087 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -111,11 +111,11 @@ def post(self): #str_token = auth_token.encode() token_to_string = str(auth_token) - str_token = ''.join(token_to_string.split('b', 1)) + #str_token = ''.join(token_to_string.split('b', 1)) response = { 'message' : 'Successfully logged in', - 'data' : str_token + 'data' : token_to_string } return make_response(jsonify(response), 200) \ No newline at end of file From aeb6683dbaf9d0908ea09941552d6d587182f06b Mon Sep 17 00:00:00 2001 From: ipaullly Date: Mon, 10 Dec 2018 16:45:08 +0300 Subject: [PATCH 35/38] comment out string operation --- app/auth/v2/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/app/auth/v2/views.py b/app/auth/v2/views.py index aea6087..4c7dcb1 100644 --- a/app/auth/v2/views.py +++ b/app/auth/v2/views.py @@ -111,11 +111,11 @@ def post(self): #str_token = auth_token.encode() token_to_string = str(auth_token) - #str_token = ''.join(token_to_string.split('b', 1)) + str_token = ''.join(token_to_string.split('b', 1)) response = { 'message' : 'Successfully logged in', - 'data' : token_to_string + 'data' : str_token } return make_response(jsonify(response), 200) \ No newline at end of file From 0fd2a54f54fef796e4736ddb97ca2df2f44380a5 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Fri, 11 Jan 2019 10:36:36 +0300 Subject: [PATCH 36/38] ignore node modules --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 15ea6e1..97d8ce4 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ venv *.pytest_cache .travis.yml *.pytest_cache +node_modules From 191bd00876b90dd38935a586c131e99a2cbc4ba6 Mon Sep 17 00:00:00 2001 From: ipaullly Date: Fri, 11 Jan 2019 10:51:50 +0300 Subject: [PATCH 37/38] Add CORS functionality to create_app() --- app/__init__.py | 2 ++ requirements.txt | 2 ++ 2 files changed, 4 insertions(+) diff --git a/app/__init__.py b/app/__init__.py index 2dedf3b..6decbce 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -1,4 +1,5 @@ from flask import Flask, Blueprint +from flask_cors import CORS from app import config from app.api.v1 import version1 from app.api.v2 import version2 @@ -26,6 +27,7 @@ def create_app(config_option="DevConfig"): app.register_blueprint(version2) app.register_blueprint(auth) app.register_blueprint(auth2) + CORS(app) return app diff --git a/requirements.txt b/requirements.txt index e5b8ed2..e3e65a6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,6 +9,7 @@ coverage==4.5.1 coveralls==1.5.1 docopt==0.6.2 Flask==1.0.2 +Flask-Cors==3.0.7 Flask-RESTful==0.3.6 gunicorn==19.9.0 idna==2.7 
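Review bot: `CORS(app)` in `create_app` (app/__init__.py, PATCH 37/38) is called with no arguments, which by Flask-CORS defaults allows every origin on every route, including the auth blueprints registered just above it. If only a known front end needs cross-origin access, pass an allow-list, for example `CORS(app, origins=ALLOWED_ORIGINS)`, where `ALLOWED_ORIGINS` is a placeholder for a list read from the app configuration per environment. `create_app` starts outside the hunk.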
@@ -19,6 +20,7 @@ lazy-object-proxy==1.3.1 MarkupSafe==1.0 mccabe==0.6.1 more-itertools==4.3.0 +pkg-resources==0.0.0 pluggy==0.8.0 psycopg2-binary==2.7.6 py==1.7.0 From a366bf812cc85e0bd1b0a93a8fb3faeb65a0367b Mon Sep 17 00:00:00 2001 From: ipaullly Date: Fri, 11 Jan 2019 10:54:04 +0300 Subject: [PATCH 38/38] remove pkg-resources from requirements.txt --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index e3e65a6..8655c4b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -20,7 +20,6 @@ lazy-object-proxy==1.3.1 MarkupSafe==1.0 mccabe==0.6.1 more-itertools==4.3.0 -pkg-resources==0.0.0 pluggy==0.8.0 psycopg2-binary==2.7.6 py==1.7.0