admin/parts_website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: User login on production.

Browse Source
This commit is contained in:
teddy
2024-11-15 16:38:57 +00:00
parent ac2fc92380
commit f51d49c42c
3 changed files with 65 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
controllers/user.py
View File

@@ -53,43 +53,43 @@ def handle_db_disconnect(f):
# User authentication # User authentication
@routes_user.route("/login", methods=['POST', 'OPTIONS']) @routes_user.route("/login", methods=['POST', 'OPTIONS'])
def login(): def login():
Helper_App.console_log('login')
Helper_App.console_log(f'method={request.method}')
"""
if request.method == 'OPTIONS':
# Handle preflight request
response = current_app.make_default_options_response()
response.headers['Access-Control-Allow-Headers'] = f'Content-Type, {Model_View_Base.FLAG_CSRF_TOKEN}'
response.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS'
return response
"""
try: try:
data = request.json Helper_App.console_log('login')
Helper_App.console_log(f'method={request.method}')
"""
if request.method == 'OPTIONS':
# Handle preflight request
response = current_app.make_default_options_response()
response.headers['Access-Control-Allow-Headers'] = f'Content-Type, {Model_View_Base.FLAG_CSRF_TOKEN}'
response.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS'
return response
"""
try: try:
data = request.get_json() data = request.json
try:
data = request.get_json()
except:
data = {}
except: except:
data = {} data = {}
except: Helper_App.console_log(f'data={data}')
data = {} hash_callback = data.get(Model_View_Base.FLAG_CALLBACK, Model_View_Base.HASH_PAGE_HOME)
Helper_App.console_log(f'data={data}') Helper_App.console_log(f'hash_callback: {hash_callback}')
hash_callback = data.get(Model_View_Base.FLAG_CALLBACK, Model_View_Base.HASH_PAGE_HOME)
Helper_App.console_log(f'hash_callback: {hash_callback}')
""" """
# Verify CSRF token manually # Verify CSRF token manually
Helper_App.console_log(f'request headers={request.headers}') Helper_App.console_log(f'request headers={request.headers}')
token = request.headers.get(Model_View_Base.FLAG_CSRF_TOKEN) token = request.headers.get(Model_View_Base.FLAG_CSRF_TOKEN)
Helper_App.console_log(f'token={token}')
Helper_App.console_log(f'session={session}')
Helper_App.console_log(f'session token={session.get('csrf_token')}')
if not token or token != session.get('csrf_token'):
token = data.get(Model_View_Base.FLAG_CSRF_TOKEN, None)
Helper_App.console_log(f'token={token}') Helper_App.console_log(f'token={token}')
Helper_App.console_log(f'session={session}')
Helper_App.console_log(f'session token={session.get('csrf_token')}')
if not token or token != session.get('csrf_token'): if not token or token != session.get('csrf_token'):
raise BadRequest('Invalid or missing CSRF token') token = data.get(Model_View_Base.FLAG_CSRF_TOKEN, None)
""" Helper_App.console_log(f'token={token}')
# OAuth login if not token or token != session.get('csrf_token'):
try: raise BadRequest('Invalid or missing CSRF token')
"""
# OAuth login
# callback_login = F'{Model_View_Base.HASH_CALLBACK_LOGIN}{data.get(Model_View_Base.FLAG_CALLBACK, Model_View_Base.HASH_PAGE_HOME)}' # callback_login = F'{Model_View_Base.HASH_CALLBACK_LOGIN}{data.get(Model_View_Base.FLAG_CALLBACK, Model_View_Base.HASH_PAGE_HOME)}'
# encoded_path = quote(data.get(Model_View_Base.FLAG_CALLBACK, Model_View_Base.HASH_PAGE_HOME)) # encoded_path = quote(data.get(Model_View_Base.FLAG_CALLBACK, Model_View_Base.HASH_PAGE_HOME))

3
helpers/helper_app.py
View File

@@ -39,4 +39,5 @@ class Helper_App(BaseModel):
if current_app.app_config.is_development: if current_app.app_config.is_development:
print(message) print(message)
elif current_app.app_config.is_production: elif current_app.app_config.is_production:
current_app.logger.info(message) pass
current_app.logger.info(message)

36
static/MySQL/9000_populate.sql
View File

@@ -873,12 +873,42 @@ INSERT INTO Shop_User (
, firstname , firstname
, surname , surname
, email , email
# email_verified
, is_super_user , is_super_user
, active
, created_by
, created_on
) )
VALUES VALUES
('auth0|6582b95c895d09a70ba10fef', 'Teddy', 'Middleton-Smith', 'edward.middletonsmith@gmail.com', 1), (
('parts_guest', 'Guest', '', '', 0) 'auth0|6582b95c895d09a70ba10fef' -- id_user_auth0
, 'Teddy' -- firstname
, 'Middleton-Smith' -- surname
, 'edward.middletonsmith@gmail.com' -- email
, 1 -- is_super_user
, 1 -- active
, 1 -- created_by
, current_timestamp() -- created_on
),
(
'parts_guest' -- id_user_auth0
, 'Guest' -- firstname
, '' -- surname
, '' -- email
, 0 -- is_super_user
, 1 -- active
, 1 -- created_by
, current_timestamp() -- created_on
),
(
'auth0|672659014296b7f94a9bab45' -- id_user_auth0
, 'Tierney' -- firstname
, 'Gullen' -- surname
, 'tierneybailey13@gmail.com' -- email
, 1 -- is_super_user
, 1 -- active
, 1 -- created_by
, current_timestamp() -- created_on
)
; ;
# User Role link # User Role link