diff --git a/Pipfile b/Pipfile index b7e10b0..2e65c23 100644 --- a/Pipfile +++ b/Pipfile @@ -10,6 +10,7 @@ mariadb = "*" flask-api = "*" pyjwt = "*" flask-jwt-extended = "*" +flask-cors = "*" [dev-packages] diff --git a/Pipfile.lock b/Pipfile.lock index d21c898..eec23d8 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "654686a639ae618ee1116e4e49f842aa2fb0b7cb782ed4fa962d1d014db4c27f" + "sha256": "669b22bb2a66c8f60df267735d00d669d090508392aa6a13af139f18ecffba67" }, "pipfile-spec": 6, "requires": { @@ -33,19 +33,19 @@ }, "click": { "hashes": [ - "sha256:24e1a4a9ec5bf6299411369b208c1df2188d9eb8d916302fe6bf03faed227f1e", - "sha256:479707fe14d9ec9a0757618b7a100a0ae4c4e236fac5b7f80ca68028141a1a72" + "sha256:7682dc8afb30297001674575ea00d1814d808d6a36af415a82bd481d37ba7b8e", + "sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48" ], "markers": "python_version >= '3.7'", - "version": "==8.1.2" + "version": "==8.1.3" }, "flask": { "hashes": [ - "sha256:8a4cf32d904cf5621db9f0c9fbcd7efabf3003f22a04e4d0ce790c7137ec5264", - "sha256:a8c9bd3e558ec99646d177a9739c41df1ded0629480b4c8d2975412f3c9519c8" + "sha256:315ded2ddf8a6281567edb27393010fe3406188bafbfe65a3339d5787d89e477", + "sha256:fad5b446feb0d6db6aec0c3184d16a8c1f6c3e464b511649c8918a9be100b4fe" ], "index": "pypi", - "version": "==2.1.1" + "version": "==2.1.2" }, "flask-api": { "hashes": [ 
@@ -55,13 +55,21 @@ "index": "pypi", "version": "==3.0.post1" }, - "flask-jwt-extended": { + "flask-cors": { "hashes": [ - "sha256:ad6977b07c54e51c13b5981afc246868b9901a46715d9b9827898bfd916aae88", - "sha256:c82c9e505bc96f4a5186de31c05262dbcde6fa10581e9aa46df8f99ca04be2c3" + "sha256:74efc975af1194fc7891ff5cd85b0f7478be4f7f59fe158102e91abb72bb4438", + "sha256:b60839393f3b84a0f3746f6cdca56c1ad7426aa738b70d6c61375857823181de" ], "index": "pypi", - "version": "==4.3.1" + "version": "==3.0.10" + }, + "flask-jwt-extended": { + "hashes": [ + "sha256:0d001564c80df8606cbf26e4fad9855de01d97734b8158d8ac7e4faac579f10c", + "sha256:3fe81504bdc91ad8f1cb975bd2d95ec601251f31bde184115e39fc7e6ed23ea6" + ], + "index": "pypi", + "version": "==4.4.0" }, "idna": { "hashes": [ @@ -89,11 +97,11 @@ }, "jinja2": { "hashes": [ - "sha256:539835f51a74a69f41b848a9645dbdc35b4f20a3b601e2d9a7e22947b15ff119", - "sha256:640bed4bb501cbd17194b3cace1dc2126f5b619cf068a726b98192a0fde74ae9" + "sha256:31351a702a408a9e7595a8fc6150fc3f43bb6bf7e319770cbc0db9df9437e852", + "sha256:6088930bfe239f0e6710546ab9c19c9ef35e29792895fed6e6e31a023a182a61" ], "markers": "python_version >= '3.7'", - "version": "==3.1.1" + "version": "==3.1.2" }, "mariadb": { "hashes": [ @@ -172,6 +180,14 @@ "index": "pypi", "version": "==2.27.1" }, + "six": { + "hashes": [ + "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926", + "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.16.0" + }, "urllib3": { "hashes": [ "sha256:44ece4d53fb1706f667c9bd1c648f5469a2ec925fcf3a776667042d645472c14", 
@@ -182,11 +198,11 @@ }, "werkzeug": { "hashes": [ - "sha256:3c5493ece8268fecdcdc9c0b112211acd006354723b280d643ec732b6d4063d6", - "sha256:f8e89a20aeabbe8a893c24a461d3ee5dad2123b05cc6abd73ceed01d39c3ae74" + "sha256:1ce08e8093ed67d638d63879fd1ba3735817f7a80de3674d293f5984f25fb6e6", + "sha256:72a4b735692dd3135217911cbeaa1be5fa3f62bffb8745c5215420a03dc55255" ], "markers": "python_version >= '3.7'", - "version": "==2.1.1" + "version": "==2.1.2" }, "zipp": { "hashes": [ diff --git a/src/main.py b/src/main.py index cdb2792..3acc57c 100644 --- a/src/main.py +++ b/src/main.py @@ -13,6 +13,7 @@ from logging.config import dictConfig from pprint import pprint from flask import Flask, request, abort, jsonify, render_template, make_response +from flask_cors import CORS, cross_origin from flask.logging import default_handler from flask_api import status from flask_jwt_extended import create_access_token @@ -116,6 +117,10 @@ class BDD: logger = log.getLogger("U10Manager") app = Flask(__name__) +CORS(app, resources={r"/api/*": { + "origins": "http://localhost:4200", + "supports_credentials": True + }}) db = BDD(host='127.0.0.1', port=3306, user='vincent', password='malkavian', database='test1') app.config["SECRET_KEY"] = "thisissecret" @@ -126,7 +131,7 @@ app.config["JWT_TOKEN_LOCATION"] = ["cookies"] app.config["JWT_ACCESS_TOKEN_EXPIRES"] = datetime.timedelta(hours=1) # Controls if Cross Site Request Forgery (CSRF) protection is enabled when using cookies # This should always be True in production -app.config["JWT_COOKIE_CSRF_PROTECT"] = False +app.config["JWT_COOKIE_CSRF_PROTECT"] = True UPLOAD_FOLDER = 'static/img' ALLOWED_EXTENSIONS = {'png', 'jpg', 'gif', 'jpeg'} 
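Review bot: The allowed origin in the new `CORS(app, resources=...)` call is the literal `http://localhost:4200`, so running against any other front-end origin requires a code edit. Because `supports_credentials` is True for `/api/*`, this list decides which sites may make cookie-bearing calls to the API. Read it from configuration or an environment variable, and keep it an explicit list of origins rather than a wildcard. The context lines directly below also hold the database password and `SECRET_KEY` as literals. If the JWT cookies are signed with that key (no separate `JWT_SECRET_KEY` is visible in this hunk), it should move out of the source in the same way.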
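Review bot: Setting `JWT_COOKIE_CSRF_PROTECT` to True covers forged state-changing requests, but nothing visible in this hunk sets the transport and same-site attributes of the JWT cookie. They may be configured outside the hunk. If they are not, add them next to this line, for example `app.config["JWT_COOKIE_SECURE"] = True` for any non-local deployment and an explicit `app.config["JWT_COOKIE_SAMESITE"]` value. A short comment should also record that the front end must echo the CSRF token in a request header on POST/PUT/PATCH/DELETE calls, since the existing comment only says the flag should be True in production.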
@@ -384,9 +389,21 @@ def reset_passwd_user(userId): content = {'message' : 'reset du mot de passe!'} return jsonify(content) -@app.route('/api/utilisateurs/login') +@app.route('/api/utilisateurs/current', methods=['GET']) +@jwt_required() +def current_user(): + ''' retourne l'utilisateur courant connecté ''' + # Access the identity of the current user with get_jwt_identity + current_user = get_jwt_identity() + return jsonify(current_user) + +@app.route('/api/utilisateurs/login', methods=['POST']) @dbmanage def login(): + ### DEBUG ### + logger.debug("Request : {}".format(request)) + logger.debug("Auth {}".format(request.authorization)) + ### END DEBUG ### auth = request.authorization user = None if not auth or not auth.username or not auth.password:
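Review bot: The added `logger.debug("Auth {}".format(request.authorization))` in `login()` formats the whole authorization object. With the Werkzeug version pinned in this commit, that object is likely a dict-like holding the Basic-auth username and password, so the password would reach the log in clear text whenever debug logging is enabled. Remove the DEBUG block before merging, or log only non-secret fields with lazy formatting, e.g. `logger.debug("Auth scheme: %s", auth.type if auth else None)` placed after `auth = request.authorization`. Separately, in `current_user()` the local variable `current_user` shadows the function name, so a name such as `identity` would read more clearly. The body of `login()` continues outside the hunk.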