Added login, moved files, started /achievements

.gitignore

@@ -102,3 +102,7 @@ venv.bak/
 
 # mypy
 .mypy_cache/
+
+# Endorsment-related
+config.py
+endorsement.db

achievements.py

@@ -0,0 +1,11 @@
+from app import app
+from models import Achievement
+
+import json
+
+@app.route("/achievement/<id>")
+def get_achievement(id):
+    achievement = Achievement.query.filter_by(id=id).first()
+    if not achievement:
+        return "{}"
+    return json.dumps(achievement.to_obj())

app.py

@@ -2,6 +2,5 @@ from flask import Flask
 from flask_sqlalchemy import SQLAlchemy
 
 app = Flask(__name__)
-app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:////tmp/test.db'
-app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
+app.config.from_object('config.Configuration')
 db = SQLAlchemy(app)

config.example.py

@@ -0,0 +1,9 @@
+class Configuration(object):
+    SQLALCHEMY_DATABASE_URI = 'sqlite:///endorsement.db'
+    SQLALCHEMY_TRACK_MODIFICATIONS = False
+    DEBUG = True
+    SECRET_KEY = '<change>'
+    SLACK_WEBHOOK = '<add url>'
+    LOGFILE = 'endorsement.log'
+    ZEUS_KEY = 'tomtest'
+    ZEUS_SECRET = 'blargh'

endorsement.py

@@ -1,14 +1,6 @@
 from app import app, db
 from models import User, Achievement
-import json
 
-@app.route("/users/<username>")
-def get_user(username):
-    user = User.query.filter_by(username=username).first()
-    if not user:
-        return "{}"
-    return json.dumps(user.to_obj())
-
-@app.route("/users/")
-def all_users():
-    return json.dumps([user.to_obj() for user in User.query.all()])
+from login import *
+from user import *
+from achievements import *

login.py

@@ -0,0 +1,26 @@
+from flask import redirect, session, url_for
+from flask_login import LoginManager, logout_user
+
+from app import app
+from models import User
+from zeus import zeus_login
+
+login_manager = LoginManager()
+login_manager.init_app(app)
+
+@login_manager.user_loader
+def load_user(userid):
+    return User.query.filter_by(id=userid).first()
+
+
+@app.route('/login')
+def login():
+    return zeus_login()
+
+
+@app.route('/logout')
+def logout():
+    if 'zeus_token' in session:
+        session.pop('zeus_token', None)
+    logout_user()
+    return redirect(url_for('home'))

models.py

@@ -16,6 +16,22 @@ class User(db.Model):
 
     def __repr__(self):
         return '<User %r>' % self.username
+    
+    # For login
+    def is_authenticated(self):
+        return True
+
+    def is_active(self):
+        return True
+
+    def is_admin(self):
+        return self.admin
+
+    def is_anonymous(self):
+        return False
+
+    def get_id(self):
+        return str(self.username)
 
 class Achievement(db.Model):
     id = db.Column(db.Integer, primary_key=True)

user.py

@@ -0,0 +1,15 @@
+from app import app
+from models import User
+
+import json
+
+@app.route("/users/<username>")
+def get_user(username):
+    user = User.query.filter_by(username=username).first()
+    if not user:
+        return "{}"
+    return json.dumps(user.to_obj())
+
+@app.route("/users/")
+def all_users():
+    return json.dumps([user.to_obj() for user in User.query.all()])

zeus.py

@@ -0,0 +1,69 @@
+from flask import redirect, url_for, session, jsonify, flash, request
+from flask_login import login_user
+from flask_oauthlib.client import OAuth, OAuthException
+import json
+import requests
+
+
+from app import app, db
+from models import User
+
+oauth = OAuth(app)
+
+zeus = oauth.remote_app(
+    'zeus',
+    consumer_key=app.config['ZEUS_KEY'],
+    consumer_secret=app.config['ZEUS_SECRET'],
+    request_token_params={},
+    base_url='https://adams.ugent.be/oauth/api/',
+    access_token_method='POST',
+    access_token_url='https://adams.ugent.be/oauth/oauth2/token/',
+    authorize_url='https://adams.ugent.be/oauth/oauth2/authorize/'
+)
+
+
+def zeus_login():
+    return zeus.authorize(callback=url_for('authorized', _external=True))
+
+
+@app.route('/login/zeus/authorized')
+def authorized():
+    resp = zeus.authorized_response()
+    if resp is None:
+        return 'Access denied: reason=%s error=%s' % (
+            request.args['error'],
+            request.args['error_description']
+        )
+    if isinstance(resp, OAuthException):
+        return 'Access denied: %s' % resp.message + '<br>' + str(resp.data)
+
+    session['zeus_token'] = (resp['access_token'], '')
+    me = zeus.get('current_user/')
+    username = me.data.get('username', '').lower()
+
+    user = User.query.filter_by(username=username).first()
+    if len(username) > 0 and user:
+        return login_and_redirect_user(user)
+    elif len(username) > 0:
+        user = create_user(username)
+        return login_and_redirect_user(user)
+
+    flash("You're not allowed to enter, please contact a system administrator")
+    return redirect(url_for("all_users"))
+
+
+@zeus.tokengetter
+def get_zeus_oauth_token():
+    return session.get('zeus_token')
+
+
+def login_and_redirect_user(user):
+    login_user(user)
+    return redirect(url_for("all_users"))
+
+
+def create_user(username):
+    user = User(username=username)
+    db.session.add(user)
+    db.session.commit()
+    return user