hv/hv-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: hv:jwt-experiments-2
Branches Tags
hv:master hv:jwt-experiments-2 hv:openapi3 hv:jwt-experiments
hv:1.1.1 hv:1.1.0 hv:1.0.1 hv:1.0.0
..
compare: hv:jwt-experiments
Branches Tags
hv:master hv:jwt-experiments-2 hv:openapi3 hv:jwt-experiments
hv:1.1.1 hv:1.1.0 hv:1.0.1 hv:1.0.0

1 Commits
jwt-experi ... jwt-experi

Author SHA1 Message Date
Wolfgang Hottgenroth
73b94e8aa2 jwt, first try not working 2021-01-24 20:41:08 +01:00
10 changed files with 240 additions and 290 deletions
Expand all files Collapse all files

8
Dockerfile
View File

@ -10,10 +10,6 @@ ENV DB_HOST="172.16.10.18"
ENV DB_NAME="hausverwaltung"
ENV DB_USER="hausverwaltung-ui"
ENV DB_PASS="test123"
ENV JWT_ISSUER='de.hottis.hausverwaltung'
ENV JWT_SECRET='streng_geheim'
ENV JWT_LIFETIME_SECONDS=60
ENV JWT_ALGORITHM='HS256'
RUN \
@ -24,7 +20,9 @@ RUN \
pip3 install connexion && \
pip3 install connexion[swagger-ui] && \
pip3 install uwsgi && \
pip3 install flask-cors
pip3 install flask-cors && \
pip3 install python-jose[cryptography] && \
pip3 install six
RUN \
mkdir -p ${APP_DIR} && \

1
ENV.tmpl
View File

@ -5,4 +5,3 @@ export DB_USER="hausverwaltung-ui"
export DB_PASS="test123"
export DB_NAME="hausverwaltung"
export JWT_SECRET='streng_geheim'

7
Mieter.py
View File

@ -1,8 +1,6 @@
from dbpool import getConnection, getMany, getOne
from auth import check_scope
def get_mieters(token_info):
check_scope(token_info, [ "mieter/read", "wohnung/read", "objekt/read" ])
def get_mieters():
return getMany("""
SELECT m.id as id,
o.id as objekt,
@ -23,8 +21,7 @@ SELECT m.id as id,
w.id = m.wohnung
""", [], "Mieter")
def get_mieter(id, token_info):
check_scope(token_info, [ "mieter/read", "wohnung/read", "objekt/read" ])
def get_mieter(id=None):
return getOne("""
SELECT m.id as id,
o.id as objekt,

7
Objekte.py
View File

@ -1,11 +1,8 @@
from dbpool import getConnection, getMany, getOne
from auth import check_scope
def get_objekte(token_info):
check_scope(token_info, "objekt/read")
def get_objekte():
return getMany("SELECT id, shortname, flaeche FROM objekt", [], "Objekt")
def get_objekt(id, token_info):
check_scope(token_info, "objekt/read")
def get_objekt(id=None):
return getOne("SELECT id, shortname, flaeche FROM objekt WHERE id = ?",
(id,), "Objekt")

11
Wohnungen.py
View File

@ -1,9 +1,6 @@
from dbpool import getConnection, getOne, getMany
from auth import check_scope
def get_wohnungen(token_info):
check_scope(token_info, "wohnung/read")
def get_wohnungen():
return getMany("""
SELECT w.id as id,
w.objekt as objekt,
@ -14,8 +11,7 @@ SELECT w.id as id,
WHERE o.id = w.objekt
""", [], "Wohnung")
def get_wohnung(id, token_info):
check_scope(token_info, [ "wohnung/read", "objekt/read" ])
def get_wohnung(id=None):
return getOne("""
SELECT w.id as id,
w.objekt as objekt,
@ -27,8 +23,7 @@ SELECT w.id as id,
w.id = ?
""", (id, ), "Wohnung")
def get_wohnungen_by_objekt(id, token_info):
check_scope(token_info, [ "wohnung/read", "objekt/read" ])
def get_wohnungen_by_objekt(id):
return getMany("""
SELECT w.id as id,
w.objekt as objekt,

19
ZahlungenForderungen.py
View File

@ -2,10 +2,8 @@ from dbpool import getConnection, getOne, getMany, putOne
import datetime
import decimal
import dateparser
from auth import check_scope
def get_zahlungen_by_mieter(mieter_id, token_info):
check_scope(token_info, "zahlung/read")
def get_zahlungen_by_mieter(mieter_id):
return getMany("""
SELECT id,
mieter,
@ -30,8 +28,7 @@ SELECT id,
""", [ id ], "Zahlung")
def get_forderungen_by_mieter(mieter_id, token_info):
check_scope(token_info, "forderung/read")
def get_forderungen_by_mieter(mieter_id):
return getMany("""
SELECT id,
mieter,
@ -43,8 +40,7 @@ SELECT id,
WHERE mieter = ?
""", [ mieter_id ], "Forderung")
def get_forderung(id, token_info):
check_scope(token_info, "forderung/read")
def get_forderung(id):
return getOne("""
SELECT id,
mieter,
@ -56,8 +52,7 @@ SELECT id,
WHERE id = ?
""", [ id ], "Forderung")
def get_zahlungforderung_by_mieter_and_year(mieter_id, year, token_info):
check_scope(token_info, [ "forderung/read", "zahlung/read", "mieter/read" ])
def get_zahlungforderung_by_mieter_and_year(mieter_id, year):
if year == 0:
year = datetime.datetime.now().year
start_date = "{}-01-01".format(year)
@ -77,8 +72,7 @@ WHERE mieter = ? AND
datum_soll BETWEEN ? AND ?
""", [mieter_id, start_date, end_date], "ZahlungForderung")
def get_saldo_by_mieter_and_year(mieter_id, year, token_info):
check_scope(token_info, [ "forderung/read", "zahlung/read", "mieter/read" ])
def get_saldo_by_mieter_and_year(mieter_id, year):
if year == 0:
year = datetime.datetime.now().year
start_date = "{}-01-01".format(year)
@ -112,8 +106,7 @@ WHERE mieter = ? AND
"zahlungen": float(sumZ)
}
def put_zahlung(zahlung, token_info):
check_scope(token_info, "zahlung/write")
def put_zahlung(zahlung):
print("Input of put_zahlung: {} {}".format(type(zahlung), zahlung))
datum_soll = dateparser.parse(zahlung["datum_soll"], languages=["de"])
datum_ist = dateparser.parse(zahlung["datum_ist"], languages=["de"])

44
auth.py Executable file → Normal file
View File

@ -1,35 +1,36 @@
import time
import connexion
from werkzeug.exceptions import Unauthorized, Forbidden
import six
from werkzeug.exceptions import Unauthorized
from jose import JWTError, jwt
import os
JWT_SECRET = os.environ['JWT_SECRET']
JWT_ISSUER = 'de.hottis.hausverwaltung'
JWT_SECRET = 'streng_geheim'
JWT_LIFETIME_SECONDS = 600
JWT_ALGORITHM = 'HS256'
def generate_token(user_id):
timestamp = _current_timestamp()
payload = {
"iss": JWT_ISSUER,
"iat": int(timestamp),
"exp": int(timestamp + JWT_LIFETIME_SECONDS),
"sub": str(user_id),
}
return jwt.encode(payload, JWT_SECRET, algorithm=JWT_ALGORITHM)
def decode_token(token):
try:
print("DEBUG decode_token: try to decode")
token_info = jwt.decode(token, JWT_SECRET)
print("DEBUG decode_token: token_info: {}".format(token_info))
return token_info
return jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
except JWTError as e:
print("ERROR decode_token: error when decoding token: {}".format(e))
raise Unauthorized()
six.raise_from(Unauthorized, e)
def check_token(token, key, value):
if (key in token) and ((token[key] == value) or (isinstance(token[key], list) and (value in token[key]))):
return True
print("WARN: check_token: {} -> {} required but not granted".format(key, value))
raise Forbidden()
def check_scope(token, value):
if isinstance(value, list):
for v in value:
check_token(token, "x-scope", v)
else:
check_token(token, "x-scope", value)
def get_secret(user, token_info) -> str:
return '''
@ -38,7 +39,6 @@ def get_secret(user, token_info) -> str:
'''.format(user=user, token_info=token_info)
def _current_timestamp() -> int:
return int(time.time())

4
run.sh
View File

@ -15,8 +15,4 @@ docker run \
-e DB_USER=$DB_USER \
-e DB_PASS=$DB_PASS \
-e DB_NAME=$DB_NAME \
-e JWT_ISSUER=$JWT_ISSUER \
-e JWT_SECRET=$JWT_SECRET \
-e JWT_LIFETIME_SECONDS=$JWT_LIFETIME_SECONDS \
-e JWT_ALGORITHM=$JWT_ALGORITHM
${IMAGE_NAME}:${VERSION}

2
server.py
View File

@ -3,7 +3,7 @@ from flask_cors import CORS
# instantiate the webservice
app = connexion.App(__name__)
app.add_api('openapi.yaml')
app.add_api('swagger.yaml')
# CORSify it - otherwise Angular won't accept it
CORS(app.app)

425
openapi.yaml → swagger.yaml
View File

@ -1,10 +1,7 @@
openapi: 3.0.0
info:
title: Hausverwaltung
version: "0.1"
security:
- jwt: []
title: Hausverwaltung-JWT
version: "0.2"
paths:
/hv/objekte:
@ -15,12 +12,10 @@ paths:
responses:
200:
description: Successful response.
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Objekt'
schema:
type: array
items:
$ref: '#/components/Objekt'
404:
description: No Objekte available
500:
@ -33,16 +28,13 @@ paths:
parameters:
- name: id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
$ref: '#/components/schemas/Objekt'
schema:
$ref: '#/components/Objekt'
404:
description: Objekt not found
500:
@ -55,12 +47,10 @@ paths:
responses:
200:
description: Successful response.
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Wohnung'
schema:
type: array
items:
$ref: '#/components/Wohnung'
404:
description: No Wohnung available
500:
@ -73,18 +63,15 @@ paths:
parameters:
- name: id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Wohnung'
schema:
type: array
items:
$ref: '#/components/Wohnung'
404:
description: No Wohnung available
500:
@ -97,16 +84,13 @@ paths:
parameters:
- name: id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
$ref: '#/components/schemas/Wohnung'
schema:
$ref: '#/components/Wohnung'
404:
description: Wohnung not found
500:
@ -119,19 +103,14 @@ paths:
responses:
200:
description: Successful response.
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Mieter'
schema:
type: array
items:
$ref: '#/components/Mieter'
404:
description: No Mieter available
500:
description: Some server error
security:
- jwt: ['secret']
/hv/mieter/{id}:
get:
tags: [ "Mieter" ]
@ -140,16 +119,13 @@ paths:
parameters:
- name: id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
$ref: '#/components/schemas/Mieter'
schema:
$ref: '#/components/Mieter'
404:
description: Mieter not found
500:
@ -162,16 +138,13 @@ paths:
parameters:
- name: id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
$ref: '#/components/schemas/Forderung'
schema:
$ref: '#/components/Forderung'
404:
description: Forderung not found
500:
@ -184,18 +157,15 @@ paths:
parameters:
- name: mieter_id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Forderung'
schema:
type: array
items:
$ref: '#/components/Forderung'
404:
description: No Forderung available
500:
@ -208,16 +178,13 @@ paths:
parameters:
- name: id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
$ref: '#/components/schemas/Zahlung'
schema:
$ref: '#/components/Zahlung'
404:
description: Zahlung not found
500:
@ -230,18 +197,15 @@ paths:
parameters:
- name: mieter_id
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response.
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Zahlung'
schema:
type: array
items:
$ref: '#/components/Zahlung'
404:
description: No Zahlung available
500:
@ -254,23 +218,19 @@ paths:
parameters:
- name: mieter_id
in: path
type: integer
required: true
schema:
type: integer
- name: year
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/ZahlungForderung'
schema:
type: array
items:
$ref: '#/components/ZahlungForderung'
404:
description: No ZahlungForderung available
500:
@ -283,21 +243,17 @@ paths:
parameters:
- name: mieter_id
in: path
type: integer
required: true
schema:
type: integer
- name: year
in: path
type: integer
required: true
schema:
type: integer
responses:
200:
description: Successful response
content:
'application/json':
schema:
$ref: '#/components/schemas/Saldo'
schema:
$ref: '#/components/Saldo'
404:
description: Neither Forderungen nor Zahlungen available
500:
@ -307,19 +263,39 @@ paths:
tags: [ "Zahlung" ]
operationId: ZahlungenForderungen.put_zahlung
summary: Inserts a new Zahlung
requestBody:
content:
'application/json':
schema:
$ref: '#/components/schemas/Zahlung'
parameters:
- name: zahlung
in: body
schema:
$ref: '#/components/Zahlung'
responses:
202:
description: Zahlung successfully inserted
500:
description: Some server or database error
/auth/{user_id}:
get:
tags: [ "jwt" ]
summary: Return JWT token
operationId: auth.generate_token
parameters:
- name: user_id
description: User unique identifier
in: path
required: true
example: 12
schema:
type: integer
responses:
'200':
description: JWT token
content:
'text/plain':
schema:
type: string
/secret:
get:
tags: [ "JWT" ]
tags: [ "jwt" ]
summary: Return secret string
operationId: auth.get_secret
responses:
@ -329,132 +305,131 @@ paths:
'text/plain':
schema:
type: string
security:
- jwt: ['secret']
components:
Objekt:
description: Objekt type
type: object
properties:
id:
type: integer
shortname:
type: string
flaeche:
type: number
Wohnung:
description: Wohnung type
type: object
properties:
id:
type: integer
objekt:
type: integer
shortname:
type: string
flaeche:
type: number
objekt_shortname:
type: string
Mieter:
description: Mieter type
type: object
properties:
id:
type: integer
objekt:
type: integer
wohnung:
type: integer
wohnung_shortname:
type: string
objekt_shortname:
type: string
anrede:
type: string
vorname:
type: string
nachname:
type: string
strasse:
type: string
plz:
type: string
ort:
type: string
telefon:
type: string
einzug:
type: string
auszug:
type: string
Forderung:
description: Forderung type
type: object
properties:
id:
type: integer
mieter:
type: integer
datum:
type: string
betrag:
type: number
kommentar:
type: string
ref_wohnung:
type: number
Zahlung:
description: Zahlung type
type: object
properties:
id:
type: integer
mieter:
type: integer
datum_ist:
type: string
datum_soll:
type: string
betrag:
type: number
kommentar:
type: string
ZahlungForderung:
description: ZahlungForderung type
type: object
properties:
zf_type:
type: string
id:
type: integer
datum_soll:
type: string
datum_ist:
type: string
betrag_zahlung:
type: number
betrag_forderung:
type: number
kommentar:
type: string
mieter:
type: number
Saldo:
description: Saldo type
type: object
properties:
forderungen:
type: number
zahlungen:
type: number
saldo:
type: number
securitySchemes:
jwt:
type: http
scheme: bearer
bearerFormat: JWT
x-bearerInfoFunc: auth.decode_token
schemas:
Objekt:
description: Objekt type
type: object
properties:
id:
type: integer
shortname:
type: string
flaeche:
type: number
Wohnung:
description: Wohnung type
type: object
properties:
id:
type: integer
objekt:
type: integer
shortname:
type: string
flaeche:
type: number
objekt_shortname:
type: string
Mieter:
description: Mieter type
type: object
properties:
id:
type: integer
objekt:
type: integer
wohnung:
type: integer
wohnung_shortname:
type: string
objekt_shortname:
type: string
anrede:
type: string
vorname:
type: string
nachname:
type: string
strasse:
type: string
plz:
type: string
ort:
type: string
telefon:
type: string
einzug:
type: string
auszug:
type: string
Forderung:
description: Forderung type
type: object
properties:
id:
type: integer
mieter:
type: integer
datum:
type: string
betrag:
type: number
kommentar:
type: string
ref_wohnung:
type: number
Zahlung:
description: Zahlung type
type: object
properties:
id:
type: integer
mieter:
type: integer
datum_ist:
type: string
datum_soll:
type: string
betrag:
type: number
kommentar:
type: string
ZahlungForderung:
description: ZahlungForderung type
type: object
properties:
zf_type:
type: string
id:
type: integer
datum_soll:
type: string
datum_ist:
type: string
betrag_zahlung:
type: number
betrag_forderung:
type: number
kommentar:
type: string
mieter:
type: number
Saldo:
description: Saldo type
type: object
properties:
forderungen:
type: number
zahlungen:
type: number
saldo:
type: number