This commit is contained in:
Julius 2019-07-05 14:11:27 +02:00
parent 07b4dfbe50
commit 518828b336
2 changed files with 38 additions and 4 deletions

View file

@ -5,10 +5,11 @@ from fastapi import Depends, FastAPI, HTTPException
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from jwt import PyJWTError
from passlib.context import CryptContext
from starlette.status import HTTP_401_UNAUTHORIZED
from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_400_BAD_REQUEST, HTTP_404_NOT_FOUND
from .models import Token, TokenData, TicketCollection, User, UserInDB, NewCollection, NewUser, TicketCollectionDB
from .models import Token, TokenData, TicketCollection, User, UserInDB, NewCollection, NewUser, TicketCollectionDB, Ticket, TicketDB, NewTicket
from typing import List
from ormantic.exceptions import NoMatch
# to get a string like this run:
# openssl rand -hex 32
@ -16,6 +17,15 @@ SECRET_KEY = "da06994dd99d0c3a01df358c9e9bcec40db567378c3bbd47e10661d5fd8d7359"
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30
def bad_request(reason: str = ""):
return HTTPException(HTTP_400_BAD_REQUEST, reason)
def not_found(reason: str = ""):
return HTTPException(HTTP_404_NOT_FOUND, reason)
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")
@ -128,6 +138,26 @@ async def get_all_collections(current_user: User = Depends(get_current_active_us
return await TicketCollectionDB.objects.filter(user=current_user).all()
@app.get("/tickets/{id}", response_model=List[Ticket])
async def get_tickets_for_collection(id: int, current_user: User = Depends(get_current_active_user)):
coll = await TicketCollectionDB.objects.get(user=current_user, id=id)
return await TicketDB.objects.filter(collection=coll).all()
@app.post("/tickets/{id}", response_model=Ticket)
async def add_ticket_to_collection(id: int, ticket: NewTicket, current_user: User = Depends(get_current_active_user)):
try:
coll = await TicketCollectionDB.objects.get(user=current_user, id=id)
except:
raise not_found("something went to shit")
if (coll.requires_student and ticket.owner.isdigit()) or not coll.requires_student:
return await TicketDB.objects.create(owner=ticket.owner, email=ticket.email, collection=coll, validated=True)
else:
raise bad_request(
"The owner is not a number, and requires_student is True!")
@app.on_event("startup")
async def start():
try:

View file

@ -59,7 +59,6 @@ class Ticket(orm.Model):
validated: orm.Boolean() = False
class TicketDB(Ticket):
collection: orm.ForeignKey(TicketCollectionDB)
@ -69,6 +68,11 @@ class TicketDB(Ticket):
database = database
class NewTicket(BaseModel):
owner: str
email: EmailStr = None
class NewCollection(BaseModel):
name: str
price: float