Commit 42e77c51 authored by Michal Pavlík's avatar Michal Pavlík

added support for anonymous users

parent 142e7603
......@@ -2,4 +2,32 @@
run bash unix.sh
## Windows
run windows.cmd
\ No newline at end of file
run windows.cmd
## Setup
This version has both OAuth2 and BasicAuth login implemented which means you can simply just create a
new user and access all secured endpoints with it:
[POST] /user
```
{
"username": "kvetinac",
"password": "kvetinac"
}
```
then just add the header to all requests:
`Authorization: Basic a3ZldGluYWM6a3ZldGluYWM=`
alternatively you can simply comment out this section in the Swagger.yml:
```
#security:
# - BasicAuth: []
# - OAuth2:
# - read
# - write
```
this will turn security completely off for all endpoints and will use a common anonymous user instead.
\ No newline at end of file
from config import db, cnx
import models
from os import path
# Create the database tables
with cnx.app.app_context():
db.create_all()
if not path.exists("./data.db"):
print("First run... Creating database schema.")
db.create_all()
# Call creation data on first run
import import_data
if __name__ == '__main__':
cnx.add_api('swagger.yml')
......
......@@ -13,7 +13,7 @@ def parse_page(data):
}
def create(user, token_info):
def create(user=1):
data = request.json
new_board = Board(title=escape(data['title']), author_id=user)
......@@ -23,7 +23,7 @@ def create(user, token_info):
return new_board.json(), 201
def post(id, user, token_info):
def post(id, user=1):
data = request.json
new_post = Post(message=escape(data['message']), author_id=user, board_id=id)
......
from config import db
import models
print("\n###Creating Anonymous User###\n")
anonymous_user = models.User(username='Anonymous', password='Anonymous')
db.session.add(anonymous_user)
db.session.commit()
print("\n###Creating General Board###\n")
general_board = models.Board(title='General', author_id=anonymous_user.id)
db.session.add(general_board)
db.session.commit()
\ No newline at end of file
......@@ -12,7 +12,7 @@ def get(id):
raise PostNotFound(id)
def delete(id, user):
def delete(id, user=1):
post = Post.query.get(id)
if not Post or post.author_id is not user:
......
import os
import uuid
import bcrypt
from flask import request, escape
from config import db, ALLOWED_IMAGE_FILES
from errors import UserNotFound, RegistrationFailed, UnsupportedFileType
from werkzeug.utils import secure_filename
from models import User
from config import db, ALLOWED_IMAGE_FILES
import bcrypt
import os
import uuid
def get(id):
user = User.query.get(id)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment