from flask import request from flask_restful import Resource from psycopg2.extras import RealDictCursor from werkzeug.security import safe_str_cmp from blacklist import BLACKLIST from flask_jwt_extended import create_access_token, jwt_required, get_jwt from resources.utils import sql_login, create_conn, close_resources class UserLogin(Resource): def post(self): body = request.json conn_user_login = create_conn() cursor = conn_user_login.cursor(cursor_factory=RealDictCursor) try: cursor.execute(sql_login, (body["login"], body["senha"]), ) except KeyError: return close_resources({"cause": "missing parameter"}, 400, cursor, conn_user_login) except Exception: return close_resources({"cause": 'internal error'}, 500, cursor, conn_user_login) lista = [] for record in cursor: lista.append(record["senha"]) lista.append(record["su"]) senha_banco = '' if lista: senha_banco = lista[0] if lista and safe_str_cmp(body["senha"], senha_banco): return close_resources({'access_token': create_access_token(identity= body["login"])}, 200, cursor, conn_user_login) else: return close_resources({'access denied': 'incorrect username or password'}, 401, cursor, conn_user_login) class UserLogout(Resource): @jwt_required() def post(self): jwt_id = get_jwt()['jti'] BLACKLIST.add(jwt_id) return {'message': 'Logged out sucessfully!'}