RestAPIFlask/models.py at master · nloyau/RestAPIFlask · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#/usr/bin/python3
from flask import jsonify, request
from flask_sqlalchemy import SQLAlchemy
from itsdangerous import  BadSignature, SignatureExpired
from itsdangerous import URLSafeTimedSerializer as Serializer
from sqlalchemy import Column, Integer, String, Float, Unicode
from sqlalchemy.orm import declarative_base
from sqlalchemy_utils import EncryptedType
from sqlalchemy_utils.types.encrypted.encrypted_type import AesEngine
from datetime import  datetime

from passlib.apps import custom_app_context as pwd_context

secret_key = 'secretkey1234'

Base = declarative_base()

db = SQLAlchemy(model_class=Base)

class Product(Base):
    __tablename__ ='products'

    id = Column(Integer, primary_key=True, index=True)
    name = Column(EncryptedType(Unicode,
                                           secret_key,
                                           AesEngine,
                                           'pkcs5'), unique=True,index=True, nullable=False)
    description= Column(String, index=True, nullable=False)
    price = Column(Float, nullable=False)


class User(Base):
    __tablename__ = 'users'
    id = Column(Integer, primary_key = True)
    username = Column(String(32), index=True, unique=True,nullable=False)
    password = Column(EncryptedType(Unicode,
                                           secret_key,
                                           AesEngine,
                                           'pkcs5'))

    def generate_auth_token(self, expiration = 600):
        s = Serializer(secret_key)
        return s.dumps({'id': self.id, 'timestamps' : datetime.now().strftime("%s")})

    @staticmethod
    def verify_auth_token(token):
        s = Serializer(secret_key)
        try:
            data = s.loads(token)
            print(data)
        except SignatureExpired:
            print("Valid token error")
            return None # valid token, but expired
        except BadSignature:
            print("Invalide token")
            return None # invalid token
        if (int(datetime.now().strftime("%s")) - int(data['timestamps'])  > 720 ):
            print("Token trop ancien")
            return None
        user = User.query.get(data['id'])
        #print(user)
        return user

    def get_auth_token(self):
        token = self.generate_auth_token()
        print("Token %s" % token )
        return token