From 33033633336b5f30725ec6bd460ba4f2abe18e19 Mon Sep 17 00:00:00 2001
From: nico
Date: Sun, 19 Apr 2020 17:12:00 +0200
Subject: http return codes
* fix flask returning multiple http status codes
* update deprecated htpasswd.update method to use set_password
---
 app.py | 44 +++++++++++++++-----------------------------
 1 file changed, 15 insertions(+), 29 deletions(-)
diff --git a/app.py b/app.py
index decd9df..3161fcc 100644
--- a/app.py
+++ b/app.py
@@ -24,28 +24,13 @@ htpasswd.users.autosave = True
 parser = reqparse.RequestParser()
 messages = {
- 'OK': {
- 'status': 200,
- 'message': 'OK'
- },
 'Created': {
- 'status': 201,
 'message': "User creation succeeded"
 },
- 'Unauthorized Request': {
- 'status': 401,
- 'message': 'Unauthorized Request',
- },
- 'Unprocessable Entity':{
- 'status': 422,
- 'message': 'Missing parameter'
- },
 'Conflict': {
- 'status': 409,
 'message': 'Username conflict'
 },
 'InternalServerError': {
- 'status': 500,
 'message': 'Something went wrong, please contact the administrator.'
 }
 }
@@ -67,7 +52,7 @@ def index():
 html = ''.join([css, content])
 # render finished HTML
- return flask.Response(markdown.markdown(html, extensions=["fenced_code", "codehilite"]), status=200)
+ return markdown.markdown(html, extensions=["fenced_code", "codehilite"]), 200
 @app.route('/joplin/auth-test')
@@ -91,24 +76,25 @@ class NewUser(Resource):
 # break early
 if invitecode != app.config['INVITE_CODE']:
- return flask.jsonify(messages['Unauthorized Request'])
+ return {'message': 'Unauthorized Request'}, 401
 if None in [password, invitecode]:
- return flask.jsonify(messages['Unprocessable Entity'])
-
+ return {'message': 'Missing parameter'}, 422
+
 if username not in htpasswd.users.users():
 # firstly try to create the folder to break if permissions aren't correct
 try:
 Path.mkdir(Path(path).joinpath('./%s' % username), mode=0o750, exist_ok=True)
 except OSError:
- return flask.jsonify(messages['InternalServerError'])
+ return messages['InternalServerError'], 500
+
 # create user entry
 htpasswd.users.set_password(username, password)
- return flask.jsonify(messages['Created'])
+ return messages['Created'], 201
 else:
- return flask.jsonify(messages['Conflict'])
+ return messages['Conflict'], 409
 class ChangePW(Resource):
@@ -124,15 +110,15 @@ class ChangePW(Resource):
 new_password = args['new_password']
 if None in [password, new_password]:
- return flask.jsonify(messages['Unprocessable Entity'])
+ return {'message': 'Missing parameter'}, 422
 # check_password return False if password mismatch and None if no user is found
 if htpasswd.users.check_password(username, password):
- htpasswd.users.update(username, new_password)
+ htpasswd.users.set_password(username, new_password)
- return flask.jsonify(messages['OK'])
+ return {'message': 'OK'}, 200
 else:
- return flask.jsonify(messages['Unauthorized Request'])
+ return {'message': 'Unauthorized Request'}, 401
 class DelUser(Resource):
@@ -146,7 +132,7 @@ class DelUser(Resource):
 password = args['password']
 if password is None:
- return flask.jsonify(messages['Unprocessable Entity'])
+ return {'message': 'Missing parameter'}, 422
 # check_password return False if password mismatch and None if no user is found
 if htpasswd.users.check_password(username, password):
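Review bot: In the NewUser hunk, `username` reaches `Path(path).joinpath('./%s' % username)` and then `htpasswd.users.set_password(username, password)` with no validation visible, so a value such as `..` would resolve outside the per-user directory layout. Where `username` is parsed lies above the hunk, so confirm whether it is already constrained there. If it is not, reject anything outside a fixed pattern before the mkdir, for example `if not re.fullmatch(r'[A-Za-z0-9_-]{1,64}', username): return {'message': 'Missing parameter'}, 422`. Separately, `invitecode != app.config['INVITE_CODE']` is an ordinary string comparison of a shared secret and runs before the `None` check, so a missing code is answered with 401 rather than 422. Moving the `None` check first and comparing with `hmac.compare_digest` would address both.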
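Review bot: In the ChangePW hunk, `if None in [password, new_password]` rejects only absent parameters, so as far as the hunk shows an empty `new_password` passes and is stored by `htpasswd.users.set_password(username, new_password)`. The same `None in [...]` test guards the initial password in the NewUser hunk. Treating empty values as missing closes that: `if not password or not new_password: return {'message': 'Missing parameter'}, 422`. Whether reqparse already constrains these arguments is not visible, since the argument declarations sit above the hunk.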
@@ -158,9 +144,9 @@ class DelUser(Resource):
 except FileNotFoundError:
 pass
- return flask.Response(flask.jsonify([]), status=204)
+ return [], 204
 else:
- return flask.jsonify(messages['Unauthorized Request'])
+ return {'message': 'Unauthorized Request'}, 401
 api.add_resource(NewUser, '/joplin//create')
--
cgit v1.2.3-18-g5258
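Review bot: `return [], 204` hands a list to the serializer for a status that carries no body; an empty string states the intent more plainly, `return '', 204`. The context line `except FileNotFoundError: pass` just above it swallows the error without a trace. If a missing user directory is expected there, a short comment saying so would help, for example `# directory already gone: nothing left to remove`. The `try` this `except` belongs to, and the code that removes the directory, start above the hunk.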