Add auth

LanternNassi · LanternNassi · commit b7fdbf8a4d39 · 2024-04-11T13:19:12.000+03:00
diff --git a/app/controllers/project.py b/app/controllers/project.py
@@ -9,12 +9,16 @@
 from flask_restful import Resource, request
 from flask import current_app, render_template
 
+from app.helpers.authenticate import (
+    jwt_required
+)
+
 # Todo: figure out a way to connect to projects and get projects
 
 
 class ProjectMemoryUsageView(Resource):
 
-    # @jwt_required
+    @jwt_required
     def post(self, project_id):
         return dict(status='success', data=dict()), 200
 
diff --git a/app/helpers/authenticate.py b/app/helpers/authenticate.py
@@ -0,0 +1,44 @@
+from flask_jwt_extended import (
+    jwt_required as jwt,
+    verify_jwt_in_request
+)
+from functools import wraps
+import jwt
+from flask import request , jsonify
+import os
+
+
+def jwt_required(fn):
+    @wraps(fn)
+    def wrapper(*args, **kwargs):
+
+        access_token = request.headers.get('Authorization')
+    
+        payload : object = {}
+
+        if access_token is None :
+            return jsonify({'message': 'Access token was not supplied'}), 401
+
+        try :
+            token = access_token.split(' ')[1]
+            if (access_token.split(' ')[0] != "Bearer"):
+                return jsonify({'message' : "Bad Authorization header. Expected value 'Bearer <JWT>'"}) , 422
+            
+            payload = jwt.decode(token, os.getenv('JWT_Token'), algorithms= ['HS256'])
+            
+            # kwargs['current_user'] = payload
+                
+        except jwt.exceptions.DecodeError:
+            return dict(message = "Access token is not valid or key") , 401
+        
+        return fn(*args, **kwargs)
+    return wrapper
+
+
+def admin_required(fn):
+    @wraps(fn)
+    @jwt_required
+    def wrapper(*args, **kwargs):
+        
+        return fn(*args, **kwargs)
+    return wrapper
diff --git a/config/config.py b/config/config.py
@@ -7,6 +7,7 @@ class Base:
     # main
     SECRET_KEY = os.getenv("FLASK_APP_SECRET")
     VERIFICATION_SALT = os.getenv("FLASK_VERIFY_SALT")
+    PASSWORD_SALT = os.getenv("FLASK_APP_SALT")
 
 
 class Development(Base):
diff --git a/server.py b/server.py
@@ -6,6 +6,9 @@
 from flask_cors import CORS
 from flasgger import Swagger
 
+from flask_jwt_extended import JWTManager
+
+
 from app.routes import api
 
 
@@ -39,6 +42,8 @@ def create_app(config_name):
 
     Swagger(app, template_file='api_docs.yml')
 
+    jwt = JWTManager(app)
+
     # handle default 404 exceptions with a custom response
 
     @app.errorhandler(404)
