seems to work
parent
4f4b959e9e
commit
e362b1484f
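--- a/ENV.tmpl
+++ b/ENV.tmpl
@@ -5,3 +5,7 @@ export DB_USER="hausverwaltung-ui"
 export DB_PASS="test123"
 export DB_NAME="hausverwaltung"
 
+export JWT_ISSUER='de.hottis.hausverwaltung'
+export JWT_SECRET='streng_geheim'
+export JWT_LIFETIME_SECONDS=60
+export JWT_ALGORITHM='HS256'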
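Review bot: The template ships a usable-looking HS256 signing key, `export JWT_SECRET='streng_geheim'`, next to the existing `DB_PASS="test123"`. If the template is copied into a deployment unchanged, every token is signed with a key that anyone with repository access can read. Leave the value empty in the template, e.g. `export JWT_SECRET=''  # set per deployment: at least 32 random bytes`, and have the service refuse to start when it is empty or short. `JWT_ALGORITHM` is also read from the environment; unless more than one algorithm is really needed, pinning it in code removes a setting that a misconfiguration could weaken.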
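--- a/auth.py
+++ b/auth.py
@@ -0,0 +1,41 @@
+import time
+import connexion
+import six
+from werkzeug.exceptions import Unauthorized
+from jose import JWTError, jwt
+import os
+
+JWT_ISSUER = os.environ['JWT_ISSUER']
+JWT_SECRET = os.environ['JWT_SECRET']
+JWT_LIFETIME_SECONDS = int(os.environ['JWT_LIFETIME_SECONDS'])
+JWT_ALGORITHM = os.environ['JWT_ALGORITHM']
+
+
+def generate_token(user_id):
+timestamp = _current_timestamp()
+payload = {
+"iss": JWT_ISSUER,
+"iat": int(timestamp),
+"exp": int(timestamp + JWT_LIFETIME_SECONDS),
+"sub": str(user_id),
+}
+return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
+
+
+def decode_token(token):
+try:
+return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
+except JWTError as e:
+six.raise_from(Unauthorized, e)
+
+
+def get_secret(user, token_info) -> str:
+return '''
+You are user_id {user} and the secret is 'wbevuec'.
+Decoded token claims: {token_info}.
+'''.format(user=user, token_info=token_info)
+
+
+def _current_timestamp() -> int:
+return int(time.time())
+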
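Review bot: `decode_token` verifies the signature and expiry but never checks the `iss` claim that `generate_token` writes, so a token signed with the same key for a different issuer would be accepted. Pass the expected issuer to the decoder: `return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM], issuer=JWT_ISSUER)`. `JWT_SECRET` is read at import time with no emptiness or length check, so a blank or placeholder value is used for signing without complaint; a guard after the assignment such as `if len(JWT_SECRET) < 32: raise RuntimeError('JWT_SECRET too short')` would fail closed. `get_secret` embeds a literal secret and echoes the decoded claims, which looks like sample code and should be removed before this is deployed. `import connexion` appears to be unused in this file.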
@ -126,6 +126,9 @@ paths:
|
|||||||
description: No Mieter available
|
description: No Mieter available
|
||||||
500:
|
500:
|
||||||
description: Some server error
|
description: Some server error
|
||||||
|
security:
|
||||||
|
- jwt: ['secret']
|
||||||
|
|
||||||
/hv/mieter/{id}:
|
/hv/mieter/{id}:
|
||||||
get:
|
get:
|
||||||
tags: [ "Mieter" ]
|
tags: [ "Mieter" ]
|
||||||
@ -296,24 +299,65 @@ paths:
|
|||||||
description: Neither Forderungen nor Zahlungen available
|
description: Neither Forderungen nor Zahlungen available
|
||||||
500:
|
500:
|
||||||
description: Some server error
|
description: Some server error
|
||||||
# /hv/zahlung:
|
/hv/zahlung:
|
||||||
# post:
|
post:
|
||||||
# tags: [ "Zahlung" ]
|
tags: [ "Zahlung" ]
|
||||||
# operationId: ZahlungenForderungen.put_zahlung
|
operationId: ZahlungenForderungen.put_zahlung
|
||||||
# summary: Inserts a new Zahlung
|
summary: Inserts a new Zahlung
|
||||||
# parameters:
|
parameters:
|
||||||
# - name: zahlung
|
- name: zahlung
|
||||||
# in: body
|
in: body
|
||||||
# schema:
|
schema:
|
||||||
# $ref: '#/components/schemas/Zahlung'
|
$ref: '#/components/schemas/Zahlung'
|
||||||
# responses:
|
responses:
|
||||||
# 202:
|
202:
|
||||||
# description: Zahlung successfully inserted
|
description: Zahlung successfully inserted
|
||||||
# 500:
|
500:
|
||||||
# description: Some server or database error
|
description: Some server or database error
|
||||||
|
/auth/{user_id}:
|
||||||
|
get:
|
||||||
|
tags: [ "JWT" ]
|
||||||
|
summary: Return JWT token
|
||||||
|
operationId: auth.generate_token
|
||||||
|
parameters:
|
||||||
|
- name: user_id
|
||||||
|
description: User unique identifier
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
example: 12
|
||||||
|
schema:
|
||||||
|
type: integer
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: JWT token
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
/secret:
|
||||||
|
get:
|
||||||
|
tags: [ "JWT" ]
|
||||||
|
summary: Return secret string
|
||||||
|
operationId: auth.get_secret
|
||||||
|
responses:
|
||||||
|
'200':
|
||||||
|
description: secret response
|
||||||
|
content:
|
||||||
|
'text/plain':
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
security:
|
||||||
|
- jwt: ['secret']
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
components:
|
components:
|
||||||
|
securitySchemes:
|
||||||
|
jwt:
|
||||||
|
type: http
|
||||||
|
scheme: bearer
|
||||||
|
bearerFormat: JWT
|
||||||
|
x-bearerInfoFunc: auth.decode_token
|
||||||
schemas:
|
schemas:
|
||||||
Objekt:
|
Objekt:
|
||||||
description: Objekt type
|
description: Objekt type
|
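Review bot: `/auth/{user_id}` is declared without a `security` block or any credential parameter, and its `operationId: auth.generate_token` signs a token for whatever integer is in the path. As a result the `jwt: ['secret']` requirement added on other routes does not restrict access in practice. Token issuance needs to verify a credential before a `sub` is signed, for example a `post` with a `requestBody` checked against the user store. The re-enabled `post` on `/hv/zahlung` writes data but has no `security` entry either; add `security:` / `- jwt: ['secret']` under it, as was done for the route in the first hunk. Only the hunks are visible here, so other paths in the file may need the same entry.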
@ -3,7 +3,7 @@ from flask_cors import CORS
|
|||||||
|
|
||||||
# instantiate the webservice
|
# instantiate the webservice
|
||||||
app = connexion.App(__name__)
|
app = connexion.App(__name__)
|
||||||
app.add_api('swagger.yaml')
|
app.add_api('openapi.yaml')
|
||||||
|
|
||||||
# CORSify it - otherwise Angular won't accept it
|
# CORSify it - otherwise Angular won't accept it
|
||||||
CORS(app.app)
|
CORS(app.app)
|
||||||
|