#!/usr/bin/env python3
import sqlite3
from base64 import b64encode
from contextlib import closing
from os import urandom

from flask import Flask, request, jsonify, send_from_directory
from flask import make_response
# The single application object; every @app.route below registers on it.
app: Flask = Flask(__name__)
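def get_db(path: str = "main.sqlite") -> sqlite3.Connection:
    """Open and return a new SQLite connection.

    Args:
        path: Database file to open.  Defaults to ``main.sqlite`` resolved
            against the current working directory (i.e. wherever the app
            was started from, not the directory of this file).

    Returns:
        A fresh ``sqlite3.Connection``.  The caller owns it and is
        responsible for committing and closing it.
    """
    return sqlite3.connect(path)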
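@app.route("/users", methods=["GET"])
def get_users():
    """Return every row of the ``users`` table as a JSON array of arrays.

    No authentication is required.  ``SELECT *`` returns every column,
    including the ``password`` and ``salt`` values stored by
    ``create_user`` -- NOTE(review): confirm that handing those to any
    caller is intended.
    """
    # closing() releases the connection when the request ends; a bare
    # get_db() call that is never closed leaks one connection per request.
    with closing(get_db()) as db:
        rows = db.execute("SELECT * FROM users").fetchall()
    return jsonify(rows)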
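@app.route("/users", methods=["POST"])
def create_user():
    """Insert a new ``users`` row from the posted form fields.

    The form fields ``user``, ``password`` and ``salt`` are all required;
    a missing one raises a ``KeyError`` subclass that Flask answers with
    HTTP 400.  ``password`` and ``salt`` are stored exactly as submitted --
    this handler performs no hashing itself (presumably the client derives
    them; confirm against the static front end).

    Returns:
        A JSON confirmation message.
    """
    user = request.form["user"]
    password = request.form["password"]
    salt = request.form["salt"]
    # closing() releases the connection when the request ends instead of
    # leaking one per call.
    with closing(get_db()) as db:
        db.execute(
            "INSERT INTO users (user, password, salt) VALUES (?, ?, ?)",
            (user, password, salt),
        )
        db.commit()
    return jsonify({"message": "User created successfully"})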
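@app.route("/login", methods=["POST"])
def login():
    """Two-step login endpoint.

    Without a ``password`` form field: look up the user's ``salt`` and
    return it as a plain-text 200 body (404 with an empty JSON object if
    the user does not exist).

    With a ``password`` field: select the row whose ``password`` column
    equals the submitted value verbatim (the comparison is done by the
    database; nothing is hashed here), mint a random token valid for
    30 days, store it in the ``token`` table and return it in a ``token``
    cookie on a 204 response.  No matching row yields 403 with an empty
    JSON object.
    """
    user = request.form["user"]
    password = request.form.get("password", None)

    # closing() releases the connection when the request ends instead of
    # leaking one per call.
    with closing(get_db()) as db:
        if password is None:
            row = db.execute(
                "SELECT salt FROM users WHERE user = ?", (user,)
            ).fetchone()
            if row is None:
                return jsonify({}), 404
            return make_response(row[0], 200)

        user_id = db.execute(
            "SELECT id FROM users WHERE user = ? AND password = ?",
            (user, password),
        ).fetchone()
        if user_id is None:
            return jsonify({}), 403

        # 16 bytes from os.urandom, base64-encoded -> 24 ASCII characters.
        token = b64encode(urandom(16)).decode("utf-8")
        # SQL string literals are single-quoted: SQLite accepts double-quoted
        # strings only via a legacy fallback that builds may disable.
        # unixepoch() needs SQLite >= 3.38.
        expiry = db.execute(
            "INSERT INTO token (id, token, expiry) "
            "VALUES (?, ?, unixepoch(datetime('now', '+30 days'))) "
            "RETURNING expiry;",
            (user_id[0], token),
        ).fetchone()[0]
        # Commit explicitly: without it the INSERT is discarded when the
        # connection is closed, and the cookie would name a token that was
        # never stored.
        db.commit()

    response = make_response("", 204)
    # NOTE(review): the cookie carries the session token but sets no
    # httponly/secure/samesite attributes.  Left as-is in case the static
    # front end reads it from script -- confirm, and tighten if it does not.
    response.set_cookie("token", value=token, expires=expiry)
    return response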
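@app.route("/users/<int:user_id>", methods=["GET"])
def get_user(user_id):
    """Return one ``users`` row by ``id`` as a JSON array, or JSON ``null``.

    Args:
        user_id: Primary key of the row, parsed from the URL as an int.

    Like ``get_users`` this selects every column (``password`` and ``salt``
    included) and requires no authentication -- NOTE(review): confirm.
    """
    # closing() releases the connection when the request ends instead of
    # leaking one per call.
    with closing(get_db()) as db:
        row = db.execute(
            "SELECT * FROM users WHERE id = ?", (user_id,)
        ).fetchone()
    return jsonify(row)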
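@app.route("/users/<int:user_id>", methods=["PUT"])
def update_user(user_id):
    """Set ``name`` and ``email`` on the ``users`` row with the given id.

    Args:
        user_id: Primary key of the row, parsed from the URL as an int.

    Both form fields are required.  NOTE(review): ``create_user`` never
    writes ``name``/``email``, and nothing here checks who is calling, so
    any client can modify any row -- confirm both the schema and the
    intended access control.  A nonexistent id still reports success.

    Returns:
        A JSON confirmation message.
    """
    name = request.form["name"]
    email = request.form["email"]
    # closing() releases the connection when the request ends instead of
    # leaking one per call.
    with closing(get_db()) as db:
        db.execute(
            "UPDATE users SET name = ?, email = ? WHERE id = ?",
            (name, email, user_id),
        )
        db.commit()
    return jsonify({"message": "User updated successfully"})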
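@app.route("/users/<int:user_id>", methods=["DELETE"])
def delete_user(user_id):
    """Delete the ``users`` row with the given id.

    Args:
        user_id: Primary key of the row, parsed from the URL as an int.

    NOTE(review): no authentication or ownership check is performed, and a
    nonexistent id still reports success -- confirm that is intended.

    Returns:
        A JSON confirmation message.
    """
    # closing() releases the connection when the request ends instead of
    # leaking one per call.
    with closing(get_db()) as db:
        db.execute("DELETE FROM users WHERE id = ?", (user_id,))
        db.commit()
    return jsonify({"message": "User deleted successfully"})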
@app.route("/")
def index():
    """Serve the front page, ``static/index.html``."""
    page = send_from_directory("static", "index.html")
    return page
@app.route("/<path:path>")
def serve_static_path(path):
    """Serve any other URL as a file from the ``static`` directory.

    ``send_from_directory`` rejects paths that would escape ``static`` and
    answers 404 for missing files, so no extra checks are done here.
    """
    asset = send_from_directory("static", path)
    return asset
if __name__ == "__main__":
    # debug=True enables auto-reload and the Werkzeug interactive debugger,
    # which executes code from the browser; keep this to a development
    # instance bound to loopback and never a reachable deployment.
    app.run(debug=True)