123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 |
- from array import array
- import threading
- from flask import session,Flask,request, jsonify
- import flask
- from utility.app_logging import logger_name
- import logging
- import persistence
- import Model.isp_model as isp_model
- import Model.model_manager as model_manager
- from werkzeug.security import check_password_hash
- import View.view_privilege as privileges
- import Modules.Inventory.inventory_view as inventory_view
- from datetime import timedelta
- import View.view_error_management as view_error_management
- logger = logging.getLogger(logger_name + ".VIEW")
- __app__ = Flask("OpenIsp")
- __app__.secret_key = "aseqzdwxc"
- __app__.permanent_session_lifetime = timedelta(minutes=2)
- __resource_array__ : array
- __id_counter__ : int = 1
- from werkzeug.serving import make_server
- class ServerThread(threading.Thread):
- def __init__(self, app,ip,port):
- threading.Thread.__init__(self)
- self.server = make_server(ip, port, app)
- self.ctx = app.app_context()
- self.ctx.push()
- def run(self):
- logger.info('starting server')
- self.server.serve_forever()
- def shutdown(self):
- self.server.shutdown()
- __server_process__ : ServerThread
- def get_roles_ids() :
- return session["roles_ids"]
- def init() :
- @__app__.before_request
- def before_request_func():
- print(request.headers.__dict__)
- global __id_counter__
- logger.debug("before_request is running!")
- if not "client_id" in session :
- session["client_id"] = str(__id_counter__)
- logger.debug("client_id is " + session["client_id"])
- __id_counter__ = __id_counter__ + 1
- if not request.path == "/api/login" and not "username" in session :
- logger.warning("Unauthorized client with id " + session["client_id"] + " try to access application")
- resp = jsonify({'message' : 'Unauthorized'})
- resp.status_code = 401
- return resp
- if "username" in session :
- logger.debug("request from " + session["username"])
- privileges.init()
- view_error_management.define_error_management(__app__)
- from flask.logging import default_handler
- __app__.logger.removeHandler(default_handler)
- for hand in logger.handlers :
- __app__.logger.addHandler(hand)
- @__app__.route('/api/login',methods = ['POST'])
- def login():
- _json = request.json
- _username = _json['username']
- _password = _json['password']
- with persistence.get_Session_Instance() as sess :
- Item = sess.query(isp_model.user_account).filter(isp_model.user_account.nickname == _username).first()
- if not isinstance(Item,isp_model.user_account) :
- logger.warning("user tried to login with unknown account name : " + _username)
- resp = jsonify({'message' : 'Bad Request - user account not found'})
- resp.status_code = 400
- return resp
- if not check_password_hash(Item.password,_password) :
- logger.warning("user with account name '" + _username + "' tried to login with invalid password")
- resp = jsonify({'message' : 'Bad Request - invalid password for this account'})
- resp.status_code = 400
- return resp
- session["username"] = _username
- session["account_data"] = model_manager.ModelObjectToJsonString(Item)
- session["roles_ids"] = [inventory_view.inventory_read_only_role.id]
- logger.info("account " + _username + " logged IN successfully with id : " + session["client_id"])
- resp = jsonify({'message' : 'login successful'})
- resp.status_code = 200
- return resp
- @__app__.route('/api/logout',methods = ['POST'])
- def logout():
- logger.info("account " + session["username"] + " logged OUT with id : " + session["client_id"])
- session.clear()
- return jsonify('logout')
- @__app__.route('/routes',methods = ['GET'])
- @privileges.manager.require_authorization(required_role=inventory_view.inventory_admin_role,ids_getter=get_roles_ids)
- def routes():
- routes = []
- for route in __app__.url_map.iter_rules():
- routes.append('%s' % route)
- return jsonify(routes)
- def run() :
- global __server_process__
- __server_process__ = ServerThread(__app__,"0.0.0.0",8000)
- __server_process__.start()
- logger.info('View server started')
- def stop() :
- global __server_process__
- __server_process__.shutdown()
- logger.info('View server stopped')
- def add_blueprint(blueprint : flask.Blueprint) :
- __app__.register_blueprint(blueprint)
- @privileges.manager.require_authorization(required_role=inventory_view.inventory_read_only_role,ids_getter=get_roles_ids)
- def tab():
- return jsonify([2,5,7])
- __app__.add_url_rule("/tab","/tab",tab)
|