Merge remote-tracking branch 'origin/master'

2021-04-30 16:07:30 +02:00 · 2021-04-30 16:07:30 +02:00 · 3cae7b432d
commit 3cae7b432d
parent 907788ffa7 859e800590
4 changed files with 52 additions and 38 deletions
--- a/backend/app_be/urls.py
+++ b/backend/app_be/urls.py
@ -21,7 +21,6 @@ from app_be.views.rest_api import *

 urlpatterns = [
    path('admin/', admin.site.urls),
-    url(r'^test/', TestApiClass.test_api),
    url(r'^api/login', LoginClass.login),
 ]

--- a/backend/app_be/views/rest_api.py
+++ b/backend/app_be/views/rest_api.py
@ -3,48 +3,50 @@ import logging
 from django.http import JsonResponse

 from rest_framework.decorators import api_view
-from oauthlib import openid
 from py_jwt_validator import PyJwtValidator, PyJwtException
-import requests

 logger = logging.getLogger(__name__)


-class TestApiClass:
-    @staticmethod
-    @api_view(['GET'])
-    def test_api(request):
-        logger.debug('Test api call: {}'.format(request))
-        return JsonResponse({'Result': 'success'}, safe=False)
+def authorize(request):
+    logger.debug('Validating request: {}'.format(request))
+
+    if 'Authorization' not in request.headers:
+        print(f"Authorization header missing")
+        logger.error(f"Authorization header missing")
+        return None
+
+    bearer = request.headers['Authorization']
+
+    if len(bearer.split()) < 2:
+        return None
+
+    jwt = bearer.split()[1]
+
+    try:
+        validator = PyJwtValidator(jwt, auto_verify=False)
+        token = validator.verify(True)
+        if 'payload' in token:
+            payload = token['payload']
+            if 'sub' in payload:
+                return payload['sub']
+    except PyJwtException as e:
+        print(f"Exception caught. Error: {e}")
+        logger.error(f"Exception caught. Error: {e}")
+        return None
+    except UnicodeDecodeError as e2:
+        print(f"Exception caught. Error: {e2}")
+        logger.error(f"Exception caught. Error: {e2}")
+        return None
+    return None


 class LoginClass:
    @staticmethod
    @api_view(['GET'])
-    def login(request: requests.Request):
-        logger.debug('Validating request: {}'.format(request))
-
-        if 'Authorization' not in request.headers:
-            print(f"Authorization header missing")
-            logger.error(f"Authorization header missing")
+    def login(request):
+        user_sub = authorize(request)
+        if not user_sub:
            return JsonResponse({}, status=401)

-        bearer = request.headers['Authorization']
-
-        if len(bearer.split()) < 2:
-            return JsonResponse({}, status=401)
-
-        jwt = bearer.split()[1]
-
-        try:
-            PyJwtValidator(jwt)
-        except PyJwtException as e:
-            print(f"Exception caught. Error: {e}")
-            logger.error(f"Exception caught. Error: {e}")
-            return JsonResponse({}, status=401)
-        except UnicodeDecodeError as e2:
-            print(f"Exception caught. Error: {e2}")
-            logger.error(f"Exception caught. Error: {e2}")
-            return JsonResponse({}, status=401)
-
-        return JsonResponse({}, safe=False, status=200)
+        return JsonResponse({'user': user_sub}, safe=False, status=200)
--- a/frontend/src/app/component/einstellungen/einstellungen.component.html
+++ b/frontend/src/app/component/einstellungen/einstellungen.component.html
@ -1,7 +1,7 @@
 <app-navigation [activeLink]="'settings'"></app-navigation>
 <div class="content">
  <div class="text-center">
-    <div class="container" *ngFor="let number of [1, 2, 3]">
+    <div class="container" *ngFor="let number of [1]">
      <div class="row feed-list-row">
        <div class="col-2 text-center padding-0 margin-auto">
          <img class="feed-icon" src="assets/logo.svg" alt="Feed-Icon">
--- a/frontend/src/app/component/tweets/tweets.component.ts
+++ b/frontend/src/app/component/tweets/tweets.component.ts
@ -1,4 +1,6 @@
 import { Component, OnInit } from '@angular/core';
+import {AuthService} from '../../services/auth.service';
+import {HttpClient, HttpHeaders} from '@angular/common/http';

@Component({
  selector: 'app-tweets',
@ -7,13 +9,24 @@ import { Component, OnInit } from '@angular/core';
 })
 export class TweetsComponent implements OnInit {

-  constructor() { }
+  constructor(private http: HttpClient,
+              private authService: AuthService) { }

  ngOnInit(): void {
  }

  loadMore() {
    console.log('TODO: Implement');
-  }
+      const headerDict = {
+        'Authorization': 'Bearer ' + this.authService.getToken(),
+      };
+      return this.http.get('http://localhost:8000/api/login',
+        {
+          headers: new HttpHeaders(headerDict),
+          observe: 'response',
+        })
+        .subscribe(data => { console.log(data); alert('Returned with code: ' + data['status']); });
+    }

-}
+
+  }