ki-backend/ki/routes.py

# SPDX-FileCopyrightText: WTF Kooperative eG <https://wtf-eg.de/>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
import os
from flask import g, make_response, request, send_file
from functools import wraps
from ki.auth import auth
from ki.handlers import find_profiles as find_profiles_handler
from ki.handlers import update_profile as update_profile_handler
from ki.models import ContactType, Language, Skill, Token, User
from app import app, db
# MIME types handed to send_file() by handle_icon_request() when it serves
# an icon from disk.
# NOTE(review): SVG files can embed script; presumably the icon directories
# only ever hold files placed there by the operator -- confirm.
content_type_svg = "image/svg+xml"
content_type_png = "image/png"
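def token_auth(func):
    """Decorator that requires a valid bearer token before calling *func*.

    The wrapper reads the ``Authorization`` header, expects the form
    ``Bearer <token>`` and looks the token up via ``Token.query``.  On
    success the owning user is stored in ``g.user`` for the rest of the
    request and the wrapped view is called with its original arguments.

    Responses produced by the wrapper itself:
        401 -- header missing, not of the form ``Bearer <token>``, or the
               token part is empty.
        403 -- the token is well formed but no matching row exists.

    NOTE(review): no expiry or revocation check is visible here; confirm
    that stale tokens are removed from the table elsewhere.
    """
    # The prefix includes the separating space so the slice below starts
    # exactly at the token.  Checking only "Bearer" would accept a header
    # like "BearerX<token>" and silently skip the seventh character.
    bearer_prefix = "Bearer "

    @wraps(func)
    def _token_auth(*args, **kwargs):
        auth_header = request.headers.get("Authorization")
        if auth_header is None or not auth_header.startswith(bearer_prefix):
            return make_response({}, 401)

        presented = auth_header[len(bearer_prefix):]
        if not presented:
            # Malformed credentials: never send an empty string to the query.
            return make_response({}, 401)

        token = Token.query.filter(Token.token == presented).first()
        if token is None:
            return make_response({}, 403)

        g.user = token.user
        return func(*args, **kwargs)

    return _token_auth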
def models_to_list(models):
    """Return a list holding ``to_dict()`` of every item in *models*, in order."""
    return [entry.to_dict() for entry in models]
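def handle_completion_request(model, key):
    """Return up to ten entries of *model* for an autocomplete request.

    Args:
        model: Model class exposing ``query`` and a ``name`` column.
        key: Name under which the result list is placed in the response.

    Returns:
        A dict ``{key: [...]}`` whose list holds ``to_dict()`` of each match,
        ordered by ``name`` and capped at ten rows.

    When the request carries a ``search`` query parameter, only rows whose
    ``name`` starts with that value are returned.
    """
    query = model.query

    search = request.args.get("search")
    if search is not None:
        # The term comes straight from the client.  It is passed as a bound
        # parameter, but without autoescape "%" and "_" would still act as
        # LIKE wildcards and turn the prefix match into an arbitrary pattern.
        query = query.filter(model.name.startswith(search, autoescape=True))

    results = query.order_by(model.name).limit(10).all()
    return {key: models_to_list(results)}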
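def handle_icon_request(model, id, path):
    """Serve the icon file that belongs to the *model* row with key *id*.

    Args:
        model: Model class the icon belongs to; used only for the lookup.
        id: Primary key as received from the URL (not converted here).
        path: Directory prefix of the icon files; it is concatenated as-is,
            so it must end with a path separator.

    Returns:
        The first existing file among ``<id>.svg``, ``<id>.png``,
        ``unknown.svg`` and ``unknown.png`` under *path*, or a 404 response
        when the row does not exist or none of the files is present.
    """
    if db.session.get(model, id) is None:
        return make_response({}, 404)

    icon_name = str(id)
    # Defence in depth: *id* originates from the request URL and ends up in a
    # filesystem path.  The database lookup above is the only other filter,
    # so refuse anything that is not a plain file name.
    if os.path.basename(icon_name) != icon_name:
        return make_response({}, 404)

    icon_base_path = path + icon_name
    candidates = (
        (icon_base_path + ".svg", content_type_svg),
        (icon_base_path + ".png", content_type_png),
        (path + "unknown.svg", content_type_svg),
        (path + "unknown.png", content_type_png),
    )
    for candidate, mimetype in candidates:
        # isfile() rather than exists(): a directory with a matching name
        # must not be handed to send_file().
        if os.path.isfile(candidate):
            return send_file(candidate, mimetype=mimetype)

    return make_response({"error": "icon not found"}, 404)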
@app.route("/")
def hello_world():
    """Answer the root URL with the fixed body ``KI``; no token is required."""
    greeting = "KI"
    return greeting
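@app.route("/users/login", methods=["POST"])
def login():
    """Exchange a username and password for an API token.

    Expects a JSON object with the string fields ``username`` and
    ``password`` (both default to the empty string when absent).

    Returns:
        200 with ``{"token": ..., "user_id": ...}`` when ``auth`` accepts the
        credentials, 403 when it returns ``None``, and 400 when the body is
        not a JSON object or a credential is not a string.
    """
    # silent=True yields None instead of raising on a missing or malformed
    # JSON body, so a bad request becomes a clean 400 rather than an
    # unhandled error on ``.get``.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        return make_response({}, 400)

    username = payload.get("username", "")
    password = payload.get("password", "")
    # Only strings are handed to the authentication backend; nested JSON
    # values are rejected here.
    if not isinstance(username, str) or not isinstance(password, str):
        return make_response({}, 400)

    token = auth(username, password)
    if token is None:
        return make_response({}, 403)

    return make_response({"token": token.token, "user_id": token.user_id})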
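@app.route("/users/<user_id>/profile")
@token_auth
def get_user_profile(user_id):
    """Return the profile of the user with id *user_id* (token required).

    Returns:
        200 with ``{"profile": {...}}`` on success.
        404 when *user_id* is not an integer, the user does not exist, or
        the user has no profile.
        403 when the profile is not visible and the caller is not its owner.

    Because hidden profiles answer 403 and missing ones 404, an
    authenticated caller can tell the two cases apart.
    """
    try:
        requested_id = int(user_id)
    except ValueError:
        # A non-numeric path segment cannot name a user; answer 404 instead
        # of letting the conversion error surface as a server error.
        return make_response({}, 404)

    user = User.query.filter(User.id == requested_id).first()
    if user is None:
        return make_response({}, 404)

    profile = user.profile
    if profile is None:
        return make_response({}, 404)

    # Hidden profiles are readable by their owner only.
    if not profile.visible and profile.user.id != g.user.id:
        return make_response({}, 403)

    return make_response({
        "profile": profile.to_dict(),
    })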
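@app.route("/users/<user_id>/profile", methods=["POST"])
@token_auth
def update_profile(user_id):
    """Update the caller's own profile (token required).

    The id in the URL must be the id of the authenticated user stored in
    ``g.user``; any other value, including a non-numeric one, is answered
    with 403.  The update itself is delegated to ``update_profile_handler``.
    """
    try:
        target_id = int(user_id)
    except ValueError:
        # A non-numeric id can never match the caller, so treat it like any
        # other foreign id instead of failing with a server error.
        return make_response({}, 403)

    # Ownership check: users may only modify their own profile.
    if g.user.id != target_id:
        return make_response({}, 403)

    return update_profile_handler(target_id)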
@app.route("/contacttypes")
@token_auth
def get_contacttypes():
    """Return contact types for autocompletion under ``contacttypes`` (token required)."""
    completion = handle_completion_request(ContactType, "contacttypes")
    return completion
@app.route("/users/profiles")
@token_auth
def find_profiles():
    """Delegate the profile search to ``find_profiles_handler`` (token required)."""
    search_response = find_profiles_handler()
    return search_response
@app.route("/skills")
@token_auth
def get_skills():
    """Return skills for autocompletion under ``skills`` (token required)."""
    completion = handle_completion_request(Skill, "skills")
    return completion
@app.route("/skills/<skill_id>/icon")
def get_skill_icon(skill_id):
    """Serve the icon of the skill *skill_id*.

    This route carries no ``token_auth`` decorator, so it answers
    unauthenticated requests.  Icons are read from ``imgs/skill_icons/``
    below the configured ``KI_DATA_DIR``.
    """
    return handle_icon_request(
        Skill,
        skill_id,
        app.config["KI_DATA_DIR"] + "/imgs/skill_icons/",
    )
@app.route("/languages")
@token_auth
def get_languages():
    """Return languages for autocompletion under ``languages`` (token required)."""
    completion = handle_completion_request(Language, "languages")
    return completion
@app.route("/languages/<language_id>/icon")
def get_language_icon(language_id):
    """Serve the flag icon of the language *language_id*.

    This route carries no ``token_auth`` decorator, so it answers
    unauthenticated requests.  Flags are read from ``imgs/flags/`` below
    the configured ``KI_DATA_DIR``.
    """
    return handle_icon_request(
        Language,
        language_id,
        app.config["KI_DATA_DIR"] + "/imgs/flags/",
    )