msnodeve
diff --git a/‎Pipfile‎
Lines changed: 1 addition & 1 deletion b/‎Pipfile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Pipfile.lock‎
Lines changed: 8 additions & 2 deletions b/‎Pipfile.lock‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎app/__init__.py‎
Lines changed: 2 additions & 1 deletion b/‎app/__init__.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎app/api/__init__.py‎
Lines changed: 1 addition & 2 deletions b/‎app/api/__init__.py‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎app/api/auth_type.py‎
Lines changed: 26 additions & 1 deletion b/‎app/api/auth_type.py‎
Lines changed: 26 additions & 1 deletion
diff --git a/‎app/posts/views.py‎
Lines changed: 4 additions & 0 deletions b/‎app/posts/views.py‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎app/users/views.py‎
Lines changed: 11 additions & 7 deletions b/‎app/users/views.py‎
Lines changed: 11 additions & 7 deletions
diff --git a/‎migrations/versions/42d37d473148_.py‎
Lines changed: 0 additions & 28 deletions b/‎migrations/versions/42d37d473148_.py‎
Lines changed: 0 additions & 28 deletions
diff --git a/‎migrations/versions/76e0c583e527_.py‎
Lines changed: 0 additions & 30 deletions b/‎migrations/versions/76e0c583e527_.py‎
Lines changed: 0 additions & 30 deletions
diff --git a/‎migrations/versions/b25fcdb3cfcc_.py‎ ‎migrations/versions/9e7208e2f6e8_.py‎migrations/versions/b25fcdb3cfcc_.py renamed to migrations/versions/9e7208e2f6e8_.py
Lines changed: 10 additions & 7 deletions b/‎migrations/versions/b25fcdb3cfcc_.py‎ ‎migrations/versions/9e7208e2f6e8_.py‎migrations/versions/b25fcdb3cfcc_.py renamed to migrations/versions/9e7208e2f6e8_.py
Lines changed: 10 additions & 7 deletions
@@ -20,7 +20,7 @@ marshmallow-jsonapi = "*"
 flask-script = "*"
 flask-basicauth = "*"
 pyjwt = "*"
-bcrypt = "*"
+flask-bcrypt = "*"
 
 [requires]
 python_version = "3.7"
@@ -12,9 +12,10 @@
 
 SQLALCHEMY_DATABASE_URI = \
     ("mysql+pymysql://{USER}:{PASSWORD}@{ADDR}:{PORT}/{NAME}?charset=utf8")
-    
+
 # 설명할 API에 대한 것
 MA = Marshmallow()
+
 def create_app() -> (Flask):
     """ create_app() 함수를 호출해 앱을 초기화 """
 
 
@@ -3,8 +3,7 @@
 from app.posts.views import API as posts_api
 from app.api.auth_type import ACCESS_TOKEN, BASIC_AUTH
 
-
 REST_API = Api(authorizations={**ACCESS_TOKEN, **BASIC_AUTH})
 
 REST_API.add_namespace(users_api, '/user')
-REST_API.add_namespace(posts_api, '/posts')
+REST_API.add_namespace(posts_api, '/posts')
@@ -1,3 +1,7 @@
+from flask import request
+from functools import wraps
+import jwt
+
 SECERET_KEY = "Hello"
 ACCESS_TOKEN = {
     'Access Token': {
@@ -12,4 +16,25 @@
         'in': 'header',
         'name': 'Authorization'
     },
-}
+}
+
+def login_required(f):
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        access_token = request.headers['Authorization']
+        if access_token is not None:
+            try:
+                payload = jwt.decode(access_token, SECERET_KEY, "HS256")
+            except jwt.InvalidTokenError:
+                payload = None
+
+            # if payload is None:
+            #     return Response(status=401)
+
+            user_id = payload["user_id"]
+            # g.user = get_user_info(user_id) if user_id else None
+        else:
+            return Response(status=401)
+
+        return f(*args, **kwargs)
+    return decorated_function
@@ -8,6 +8,8 @@
 from app.constants import GET, POST, PATCH, DELETE
 from app.posts.models import Post, PostSchema
 from app.api.database import DB
+from app.api.auth_type import login_required
+from app.api.auth_type import BASIC_AUTH, ACCESS_TOKEN, SECERET_KEY
 
 API = Namespace('Posts', description="Post's REST API")
 
@@ -32,6 +34,8 @@ class Posts(Resource):
     parser.add_argument('author_id', required=True, type=int,
                         help="post's author", location='json')
 
+    @API.doc(responses=GET, security=ACCESS_TOKEN)
+    @login_required
     def get(self):
         try:
             posts_query = Post.query.all()
 
@@ -1,7 +1,7 @@
 
 import jwt
-import bcrypt
 import datetime
+import bcrypt
 from http import HTTPStatus
 from flask import jsonify
 from flask import make_response
@@ -13,6 +13,7 @@
 from app.constants import GET, POST, PATCH, DELETE
 from app.api.database import DB
 from app.api.auth_type import BASIC_AUTH, ACCESS_TOKEN, SECERET_KEY
+from app.api.auth_type import login_required
 
 API = Namespace('Users', description="User's REST API")
 
@@ -75,6 +76,7 @@ class UsersList(Resource):
         'password': fields.String
     })
     @API.doc(responses=GET, security=ACCESS_TOKEN)
+    @login_required
     def get(self):
         users_query = Users.query.all()
         results = USERS_SCHEMA.dump(users_query, many=True).data
@@ -83,7 +85,10 @@ def get(self):
     @API.expect(user_field)
     def post(self):
         args = self.parser.parse_args()
-        user = Users(args['name'], args['email'], args['password'])
+        temp = args['password']
+        hash_pw = bcrypt.hashpw(temp.encode(), bcrypt.gensalt())
+        t1 = bcrypt.checkpw(temp.encode(), hash_pw)
+        user = Users(args['name'], args['email'], hash_pw)
         try:
             DB.session.add(user)
             DB.session.commit()
@@ -110,20 +115,19 @@ class GetUser(Resource):
         'password': fields.String
     })
 
-    @API.doc(responses=POST, security=ACCESS_TOKEN)
+    @API.doc(responses=POST)
     @API.expect(user_field)
     def post(self):
         args = self.parser.parse_args()
         try:
-            #, Users.password == args['password']
             user = Users.query.filter(Users.name == args['name']).first()
-            if bcrypt.checkpw(args['password'].encode("UTF-8"), user.password.encode("UTF-8")):
+            if bcrypt.checkpw(args['password'].encode('utf-8'), user.password.encode('utf-8')):
                 #여기서 이제 토큰 발급해서 보내주기
                 payload = {
-                    "exp" : str(datetime.date.today())
+                    'user_id' : user.name
                 }
                 token = jwt.encode(payload, SECERET_KEY, "HS256")
-                body = jsonify({"access_token": token.decode("UTF-8"), "user": USERS_SCHEMA.dump(user).data})
+                body = jsonify({"access_token": token.decode('utf-8'), "user": {"id" : user.id}})
             if user:
                 code = HTTPStatus.OK
             else:
 
@@ -1,16 +1,16 @@
 """empty message
 
-Revision ID: b25fcdb3cfcc
+Revision ID: 9e7208e2f6e8
 Revises: 
-Create Date: 2019-07-19 21:28:12.190440
+Create Date: 2019-07-22 11:02:10.139072
 
 """
 from alembic import op
 import sqlalchemy as sa
 
 
 # revision identifiers, used by Alembic.
-revision = 'b25fcdb3cfcc'
+revision = '9e7208e2f6e8'
 down_revision = None
 branch_labels = None
 depends_on = None
@@ -25,13 +25,16 @@ def upgrade():
     sa.Column('password', sa.String(length=255), nullable=False),
     sa.Column('created', sa.TIMESTAMP(), server_default=sa.text('CURRENT_TIMESTAMP'), nullable=False),
     sa.PrimaryKeyConstraint('id'),
-    sa.UniqueConstraint('email'),
+    sa.UniqueConstraint('name'),
     mysql_collate='utf8_general_ci'
     )
-    op.create_table('teams',
+    op.create_table('posts',
     sa.Column('id', sa.Integer(), nullable=False),
-    sa.Column('name', sa.String(length=255), nullable=False),
     sa.Column('author_id', sa.Integer(), nullable=True),
+    sa.Column('name', sa.String(length=255), nullable=False),
+    sa.Column('title', sa.String(length=255), nullable=False),
+    sa.Column('body', sa.String(length=1024), nullable=False),
+    sa.Column('created', sa.TIMESTAMP(), server_default=sa.text('CURRENT_TIMESTAMP'), nullable=False),
     sa.ForeignKeyConstraint(['author_id'], ['users.id'], ),
     sa.PrimaryKeyConstraint('id'),
     mysql_collate='utf8_general_ci'
@@ -41,6 +44,6 @@ def upgrade():
 
 def downgrade():
     # ### commands auto generated by Alembic - please adjust! ###
-    op.drop_table('teams')
+    op.drop_table('posts')
     op.drop_table('users')
     # ### end Alembic commands ###